NITDA issues cybersecurity alert over Spotify threats

Cybercriminals are targeting victims via music streaming service Spotify.

Nigeria’s National Information Technology Development Agency (NITDA) has issued a public warning regarding a cybersecurity threat that involves the use of Spotify to promote malicious activities.

In a notice released yesterday, the agency revealed that cybercriminals are using Spotify to promote malicious activities including game hacks, pirated software, and spam links, which could expose users to significant cyber threats.

NITDA reported that these promotions are embedded in playlist titles and podcast descriptions, leading unsuspecting users to harmful websites.

On the nature of the threat, NITDA explained that these promotions are used to advertise game hacks for popular titles such as Fortnite, Grand Theft Auto, Apex Legends, and Roblox, along with pirated software and spam links.

“The exploitation of Spotify’s web player enhances the visibility of these dangerous sites in search engine results, increasing the risk of malware, scams, and phishing attacks,” reads the notice.

NITDA warned that interaction with these malicious links could compromise user devices and lead to the loss of personal and financial information.

The alert comes as cybercriminals continue to devise new strategies to exploit online platforms. NITDA recently warned the public about scams masquerading as cryptocurrency giveaways, primarily on TikTok, where victims are tricked into making crypto payments and having their wallets emptied.

Additionally, the agency has cautioned against fraudulent ChatGPT websites being promoted on Facebook, which mislead users into downloading harmful files.

NITDA also highlighted a malware variant named "CovertCatch," being disseminated via LinkedIn, targeting individuals in critical sectors by posing as recruiters or providers of job opportunites.

Read more