Replies: 5 comments 6 replies
-
There's nothing in the code remotely related to grabbing spotify authentication. Nothing setup to send data to an external server. Nothing compiled or obfuscated to hide anything. If this password change event is true, it's entirely coincidence that it happened after applying SpotX. The script/code is wide open for all to read and review. This statement assumes that SpotX code was run directly from this repo or the official githack mirror. Any code/script/etc that isn't sourced directly from either official git repo or official telegram channel/group may not be safe. |
Beta Was this translation helpful? Give feedback.
-
If you logged in on a session for a browser tab, chances are you got your token stolen depending on what was open in it. Malwarebytes flags this yes, but its a false positive |
Beta Was this translation helpful? Give feedback.
-
Not only Malwarebytes but also Virustotal. It's flagged. |
Beta Was this translation helpful? Give feedback.
-
Guys this will Steal your password so, DONT INSTALL! It happened to aswell as mine got changed after few min so, not coincidence since i have antivirus, vpn and password manager to create random strong passwords which means it steals/exposes your session token. I guess 2 things is happening:
|
Beta Was this translation helpful? Give feedback.
-
hmm what was so special abt ur account that they stole urs but not mine |
Beta Was this translation helpful? Give feedback.
-
I received an email that my password was changed just 5 minutes after the installation, I thought it was safe because I used it before, I immediately recovered the account and uninstalled
Beta Was this translation helpful? Give feedback.
All reactions