Spotify playlists and podcasts are being abused to push pirated software, game cheat codes, spam links, and “warez” sites.

By injecting targeted keywords and links in playlist names and podcast descriptions, threat actors may benefit from boosting SEO for their dubious online properties, since Spotify’s web player results appear in search engines like Google.

  • Absaroka@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    1 month ago

    I enjoy that they’re focusing on ‘promoting pirated software and game cheats’ before talking about malware first.

    Cybersecurity ethusiast Karol Paciorek who spotted the playlist said, “cybercriminals exploit Spotify for malware distribution. Why? Spotify has a strong reputation and its pages are easily indexed by search engines, making it an effective platform to promote malicious links.”

    That’s a very different, more helpful story. “Watch out, Spotify links are being used to distribute malware to your computer.”

    When abusing platforms, spammers and scammers leave no stone unturned to promote their agenda.

    Money. They aren’t doing this as part of a ‘peons of the world unite to steal software’ scheme. They’re doing it to generate traffic so they make more ad revenue.