HomesecurityMalware was detected in a photo of Britney Spears at Instagram

Malware was detected in a photo of Britney Spears at Instagram

Security researchers discovered a damaging comment on a photograph of Instagram published by Britney Spears. Essentially this is a Russian malware.

According to experts, among the 7.000 comments posted on Britney Spears' photo was hidden and a message that seemed to be innocuous. Malware was hidden in a Firefox browser extension that was featured as a security feature. The extension was looking for hidden links by posting in Instagram to be able to reconnect to the control server in the future.
Of course, the comment was deleted as soon as it was revealed, but it was actually an internet address that is difficult to decrypt.
The malware was programmed to go through all the comments on the Instagram photo and create a specific hash or number for each one. When it found the comment with the appropriate hash, it checked for specific characters, took the letters coming from those characters and converted them to a link. This link allowed the malware to connect to its C&C server.
Who are behind this plan? This is the Turla group, a notorious Russian cyber spy group known for targeting governments, senior officials and diplomats.
The researchers concluded that this comment was only a test to see if the system would work because there were only a few clicks on the link.
Let's note that such attacks using social media as bait have been identified in the past with an example of attacks by the Dukes team. In addition, this is a fairly intelligent behavior as it is difficult to identify by researchers if it does not stir suspicions at all.

In a world without fences and walls, who needs Gates and Windows