Russian hackers hid malware along the comment section of Britney Spears’ Instagram
(Mirror Daily, United States) – Britney Spears became the victim of Russian hackers, when they used her Instagram to deliver malware. The Slovakian security firm ESET discovered that these hackers hid malicious links in the comment section on the celebrity’s Instagram page. Nobody was aware of this attack until now, as the actions were hidden carefully.
Malware hidden in Instagram comments
ESET analyzed thousands of Instagram comments on Britney Spears’ profile, and discovered that not all of them are as harmless as they seem. Among them, there hid some carefully disguised malware instructions. The security firm revealed that responsible for this was Turla, a group of Russian hackers known for targeting diplomats and government officials.
The malicious comment appeared in February but, after the firm spoke of the hacking attempt, it has been deleted. A user called asmith2155 left a comment which at first looked like regular spam. However, it hid a means of corrupting computers.
The comment contained several hashtags, and one of them in fact hid a string of characters which, when clicked, opened a bit.ly link. Then, this link would have connected to the command and control server of the malware, and was able to corrupt the computer it was opened on.
Celebrity profiles are the best places to hide such attacks
However, the bit.ly link did not make many victims, which led ESET to believe that it was merely a test post. The Instagram profile of Britney Spears, as well as other celebrity profiles, have a high exposure and are a good place where hackers can hide their attacks.
The post where this comment was found was made in January, and the hacking attempt appeared in February. This allowed for thousands of harmless comments to accumulate, and make it harder for the attack to be detected. Also, the comment was deleted, which also contributes to the stealth of such hacks.
Hackers often choose such methods to disguise their attacks, which makes many people vulnerable. If they choose websites with millions of visitors, they are more likely to make more victims and still keep their attacks undetected.
Image Source: Wikimedia Commons