# How Spotify's Premium Piracy Panic Played Out & What Pirates Did Next
Reports last week that Spotify had suddenly gone down worldwide were a little overblown. The 'outage' may have felt that big to those affected, and it may have been of some comfort if everyone had the same problem; after all, nobody likes to suffer alone. That doesn't mean the perceived outage was insignificant or had limited geographical reach. Spotify has neither confirmed nor denied anything, it's possible it never will. But something definitely happened.
## The Mysterious 'Outage'
Significant reports of Spotify 'downtime' began to surface around March 3rd and for the next several days, similar reports appeared on discussion platforms around the world. As the dust settled it became increasingly clear that this wasn't a global Spotify outage. Indeed, there's no evidence to show that legitimate users of Spotify were impacted at all.
## The Targeted Attack
All evidence points towards an international Spotify campaign to render its service inaccessible to those enjoying the 'Premium' ad-free experience without paying for it. The precise scope of the apps targeted is unknown, but Android users appear to represent the bulk of those affected, with 'modded' or 'cracked' versions of the Spotify client cited most often.
## A Global Response
Data from Google Trends reveals a worldwide search interest peak last week higher than any other Spotify-related event in the last 90 days. The same search reveals a peak of similar size and shape across multiple countries where an 'outage' was reported last week.
### Google Trends Search Data
The image below shows the top 5 countries for 'Spotify' searches in the preceding 30 days, and, for comparison, the same search for 7 days. The change in position on the right may suggest a phased approach by Spotify; 7 days may be too short to account for all searches conducted in Italy if it was one of the first targets last week.
### Top 5 Countries for Spotify Searches
#### UK The top 20 trending searches in the UK, linked to the initial searches above, are listed below. The overwhelming majority show direct interest in unofficial access, with at least half of the searches specifying particular pieces of software.
### Global Response to the 'Outage'
Searches in other regions indicate that solutions sought for the Spotify 'outage' ranged from the very direct, to the more flexible and creative. Italy's approach ranged from the easily translated 'spotify premium apk ultima versione' to the specific 'com.spotify.music apk arm64-v8a'. Showing a desire to switch platforms if necessary, 'come trasferire playlist da spotify a youtube music' (how to transfer playlist from Spotify to YouTube music) was also popular.
### Belarus and Ukraine
Over in Belarus, many searched for “спотифай скачать взлом” (Spotify download hack) while others sounded less optimistic with "why is my spotify not working". In Ukraine, the search query ' why is my spotify premium account not working?' showed up high on the list.
### The Dark Side of Piracy
For some pirates, the idea of paying for music may be too difficult to overcome. Despite costing almost nothing, research may sound like too much hard work, even if it paid off handsomely in the end.
## Modded APKs: A Risky Business
One particularly popular Spotify app has been freely exchanged between Reddit users during the past few days. As one early installer put it, "Yes it seems to work." At times like these, for some that's more than enough.
### Testing the Modded App
What we can say for sure is that the handful we've seen didn't always share the same hash. There might be good reasons for that but when hashes don't match, further tampering has already been confirmed.
### Hybrid Analysis Test Result A test result published on Hybrid Analysis, for an APK that reportedly brings Spotify back to life, dates back six/seven days. The final verdict is one of "malicious" despite anti-virus vendors giving the file a clean bill of health on both Hybrid Analysis and Virus Total.
## Conclusion
In our own tests, a similar (but not identical) APK resulted in three sets of reports, one of which exceeded 100 pages and revealed interesting 'features'. It's possible that the official Spotify app has features we're yet to discover, such as the ridiculous 'Jam' mode inflicted on even the most loyal subscriber. But did that have permission to read a phone's contact lists, SIM card details, the content of every SMS, call logs, calendar entries, and then use the camera? In 2025, anything is possible, but it's hard to imagine much good coming from that.