Unbeknownst to her Britney Spears, and possibly other celebrities with large followings, their Instagram accounts are being used to help control the operations of Russian, and perhaps other, hackers.
It is believed, based on some actual evidence, that these hackers are using the comments section of Spears’ Instagram to send instructions for their operation.
For example, a comment was left on this photo which contained a secret message.
The comment reads, “asmith2155: #2hot make loved to her, uupss #Hot #X”.
Seems like your typical nonsensical spambot comment until it’s explained to you. Which is… well, it’s very complex, but it’s a very key aspect of how hackers run their games.
According to Vox…
After compromising computers, hackers need a way to send them instructions and get data back. They often set up a command and control server to do this. Security professionals defending against cyberattacks usually try to find the central server and shut it down in hopes of crippling the entire network.
The comment on Britney Spears’s photo is a clever strategy for announcing the location of a new command and control server after the previous one gets shut down. When decoded, it’s actually the central server’s internet address.
Compromised machines are programmed to periodically scan for these specially-targeted comments on the Spears Instagram page so they’re able to continue communicating with the hackers even after the initial command and control server gets shut down.
Naturally, the obvious question is, why are hackers using celebrities’ Instagram accounts for this aspect of their operations?
The answer is simple: Web traffic from users around the world is constantly flowing through Instagram. It would be incredibly easy to hide malicious comments and links on photos posted by celebrities.
For example, Britney Spears currently has 16.9 million Instagram followers. The post that was targeted has more than 420,000 likes and 2,200 comments. That makes it much harder for defenders to track hackers’ actions — if it wasn’t for ESET’s research, that one comment would’ve been lost.
Another reason is that it’s very easy for the hackers to delete a comment, which would erase any trace of a hacking attempt. After deleting the comment, they could easily post another comment that would lead to a new central server. In this case, the hackers didn’t delete the comment, and ESET believe it was just a test of their new way of communicating.
So there you go. Not only is Britney Spears’ music being used in the fight against Somali pirates, her Instagram account is also being used by the Russians (and perhaps others) to hack into our computers.
Never has a caption to an Instagram post been more appropriate.