Britney Spears's Instagram account has been hacked by Russians who hid coded malware instructions in the comments section, according to a Slovakian security firm.
The firm ESET said a hacker group called Turla infected the Instagram account's comment section with messages that look like nonsensical writing to the naked eye, reported New York magazine.
A comment posted under the handle @asmith215 left the message "#2hot make loved to her, uupss #Hot #X" in February to a post originally made on Spears' account in January.
The message contained the malware code "2kdhuHX" that could prompt a computer to download a Trojan Firefox extension. ESET believed the code was a test since few people actually clicked onto it.
"The fact that the Turla actors are using social media as a way to obtain its C&C (command-and-control) servers is quite interesting," said ESET’s website. "… Attackers using social media to recover a C&C address are making life harder for defenders. Firstly, it is difficult to distinguish malicious traffic to social media from legitimate traffic.”
"Secondly, it gives the attackers more flexibility when it comes to changing the C&C address as well as erasing all traces of it. It is also interesting to see that they are recycling an old way of fingerprinting a victim and finding new ways to make the C&C retrieval a bit more difficult."
ESET senior malware researcher Jean-Ian Boutin told USA Today that Spears would not have known such activity was happening on her site.
"The message is akin to a spy leaving a window shade up or down to communicate with the agent's handlers," said USA Today’s Elizabeth Weise. "In that pre-digital scenario, the spy would simply walk down the street and glance up to the window to know whether he or she should go to a pre-arranged drop site to find a message left there."
Cristiana Brafman Kittner, a senior analyst with computer security company FireEye, told USA Today that Turla usually targets diplomatic, government, and defense entities across Europe, Central Asia, the Middle East, and the United States.
© 2023 Newsmax. All rights reserved.