
Reports of a widespread Spotify outage earlier this month were linked to an international anti-piracy operation by the streaming giant, as individuals relying on cracked or modded Spotify apps to enjoy Premium services for free faced sudden disruptions.
The so-called “outage” is believed to be a deliberate move by Spotify to disable access for users employing unauthorized versions of its app. Legitimate users remained unaffected.
Android devices were significantly affected, with reports surfacing from multiple countries around March 3, including Italy, Belarus, Ukraine, and the United States, suggesting a phased rollout of Spotify's anti-piracy measures.
Google Trends data reflected a sharp spike in searches related to cracked Spotify Premium APKs, highlighting the global scale of piracy and the reactive behavior of impacted users.
Queries ranged from general searches for "Spotify Premium APK" to highly specific requests like "com.spotify.music apk arm64-v8a."
Despite Spotify’s efforts, the tactic only momentarily deterred piracy. Within days, new versions of modded Spotify APKs were made available online, offering a workaround to the crackdown. Communities on platforms like Reddit quickly began distributing links to these apps, with many users confirming their functionality.
Analysis reveals some modified APKs have the ability to access sensitive device functions, including contact lists, SMS logs, call records, and even calendar entries, exposing users to potential data theft and other security vulnerabilities.
One tested APK flagged as "malicious" by platforms like Hybrid Analysis demonstrated intrusive data-gathering capabilities. While free access to Spotify Premium might seem enticing to users, installing such compromised software could lead to severe privacy breaches.
Despite the availability of pirated solutions, not all users sought unauthorized apps. Notably, in Ukraine, some affected individuals opted to look for legitimate Spotify subscription options, aligning with Spotify's aim of converting unauthorized users into paying subscribers.
Meanwhile, security reports last week warned of phishing campaigns stealing Spotify user credentials using urgency lures such as account deactivation due to a payment issue.