Spotify ads slipped malware onto PCs and Macs

Spotify's ads crossed from nuisance over to outright nasty this week, after the music service’s advertising started serving up malware to users on Wednesday. The malware was able to automatically launch browser tabs on Windows and Mac PCs, according to complaints that surfaced online.

As is typical for this kind of malware, the ads directed users’ browsers to other malware-containing sites in the hopes that someone would be duped into downloading more malicious software. The “malvertising” attack didn’t last long as Spotify was able to quickly correct the problem.

“We’ve identified an issue where a small number of users were experiencing a problem with questionable website pop-ups in their default browsers as a result of an isolated issue with an ad on our Free tier,” Spotify said on several threads in its support forums. “We have now identified the source of the problem and have shut it down. We will continue to monitor the situation.”

Spotify's hardly the first tech company to get hit with malware in its ads. Google uncovered malware-loaded ads from an advertising partner in April 2015, and several days before that Yahoo announced it had removed malware from its advertising network.

The impact on you at home: If you're still experiencing malware pop-up problems uninstalling Spotify appears to solve the issue; however, you should also scan your PC with an anti-malware program such as Malwarebytes—a key part of PCWorld's ultimate free security suite—just to be sure. Unfortunately, it’s difficult to protect yourself from these kinds of malware attacks when they come from trusted sources like Spotify. Nevertheless, staying on top of updates for your operating system, browsers, and other programs, especially antivirus software, can help protect you from malware when it strikes.