14 DAY TRIAL // Music streaming service Spotify has issued an apology to users after its software displayed a malicious ad that tried to infect computers.
The problem occurred last Thursday when users reported receiving security alerts related to the Spotify client from their antivirus programs.
The issue was traced to a malicious ad that made its way onto Spotify's network. The company's free service is supported by displaying ads inside the client.
Immediately after the incident, Spotify disabled all in-client ads in order to investigate and isolate the problem.
"A number of our Spotify Free/Open users in the UK, Sweden, France and Spain running Windows were targeted by a virus contained in an advert which began running yesterday evening," the company said in a statement, according to The Register.
"We quickly removed all third party display ads in order to protect users and ensure Spotify was safe to use. We then isolated and removed the malicious ad. Users with anti-virus software will have been protected.
"We sincerely apologise to any users affected. We'll continue working hard to ensure this does not happen again and that our users enjoy Spotify securely and in confidence," it added.
Spotify is not the first high-profile company to deal with such attacks, known in the security industry as malvertizing (malicious + advertising).
Back in January, users of the popular instant messaging client ICQ were infected with scareware via malicious ads introduced on the network.
Such rogue ads even got past the review processes of advertising giants like Google and Microsoft, the most recent such incident happening in December.
Malvertizing attacks are very dangerous precisely because they occur on services that people trust. They are an example of why users need to remain vigilant at all times and use the same measures of protection for all websites, popular or not.