Home > Industry > Fake Spotify Sites Will Leech Your Bank Details And Steal Your Bitcoin

Fake Spotify Sites Will Leech Your Bank Details And Steal Your Bitcoin

With 365 million users worldwide, it seems that almost everybody you know is signed up to Spotify. But those planning to test out the world’s largest music site should be aware that what looks like an ad for the service might in fact be a trap designed to steal all your sensitive information.

Cybersecurity firm ESET have discovered a number of fake Spotify sites that you enter via an authentic-looking Spotify advert, imploring you to test their service. You are then taken to a fake Microsoft Store site, and a zip file is automatically downloaded to your computer. This file (should you unzip it) will unleash Ficker, which is Trojan malware that harvests and sends data from your computer to criminals.

Ficker was delivered by Russian hacker, and was discovered this January. It saves logins, crypto wallets, credit card details, and other such data, zips it up, and sends it to whoever set up the initial Spotify trap.

So be careful: it may sound like a familiar song, but if you are downloading something, make sure the website URL checks out first.

You may also like
YouTube Adds Listening Control Feature
Local Broker Long On Spotify…Really?
Panasonic Confirms Six Months Of Data Breaches
Spotify Suddenly Ditches Car View Feature
MediaTek Chip Left A Third Of World’s Devices Open To Spying