Oh baby baby, how were we supposed to know… that something wasn’t right here? A security firm has found that a Russian-speaking hacker group has been using Britney’s Instagram page as a hub for distributing its malware. In a word, WTF?
The group, called Turla, posted comments about images on the pop star’s page that look like spam but are actually directions for malware to contact the group’s command and control servers. Random phrases like “#2hot make loved to her, uupss HHot #X” were actually ways to relay to other hackers where to drop stolen information in a malware scheme.
As Gizmodo explains: “These servers send instructions and act as a repository for stolen information. Using an encoded coded comment on Britney Spears Instagram post, the malware could find out what URL to use to meet up with the server without actually including that information in the code of the malware itself.”
So why did they decide to gang up on Brit Brit and her fans? The group chose her page because of her 17 million followers, and because the thousands of comments on each post make it easy to hide its malicious code.
According to ESET, the security firm that spotted Turla’s posts on the pop star’s page, these particular comments were just a test for a more targeted attack. The people behind Turla are apparently keen on targeting government and embassy websites.
If you’re one of her followers, or if you’ve commented on one of her posts, don’t worry. “There is no active or clickable content, in this case, no harm can be done to the account’s followers,” ESET senior malware researcher Jean-Ian Boutin told USA Today. The messages by themselves weren’t clickable and thus didn’t pose a threat to anyone who happened to view Spears’s account or see them.
So there’s that. And here are some posts that should take our minds off the madness for at least a little bit.