Spotify has become the latest service to be hit by “malvertising”, after a malicious advert pushed through the free tier of the music streaming site started opening “questionable” website pop-ups for some users. The attack was reported by multiple users on social media throughout Wednesday morning.
For most, it simply resulted in pop-up windows opening, but a few users reported attempted malware installations further down the chain. In response to a user question, Spotify confirmed the reports. The issue comes because most large sites sell advertising space through third-party resellers, who pull in code for the adverts on the fly based on an open auction.Read more