Streaming platform Spotify hacked in latest cyber attack

Some of the world’s most popular musicians have had their Spotify pages defaced with messages supporting Donald Trump and Taylor Swift.

The criminal hacker, who called himself Daniel, replaced the biographies of artists including Dua Lipa and Lana Del Rey with a request to add him on Snapchat.

He also added the messages “Trump 2020” and “Best of all shout out to my queen Taylor Swift”.

‘Daniel’ also replaced the celebrities’ photos with one of himself.

An embarrassment

Given the number of cyber attacks we’ve seen over the past few years, it won’t necessarily be a surprise that Spotify was breached. However, the public nature of the incident will be embarrassing for the streaming platform.

It’s not clear how the attacker was able the deface the artists’ pages, but the most likely explanation is that he exploited a vulnerability related to Spotify for Artists.

The feature lets people “claim” an artist’s page or join a label to manage it.

The artist or a representative can make this claim through a verification process, but once someone has been assigned to manage the artist it cannot be claimed again.

It’s possible that the artists whose pages were defaced were the victims of a phishing scam, with the attacker gaining access to their login details to manage these pages.

The attack may also be the result of a vulnerability within Spotify’s systems. The organisation has declined to comment, but was quick to reverse the changes – although many were posted online.

The Weekly Round-up: subscribe now

No Responses