Malware can lurk pretty much anywhere. Including Instagram comments, apparently. And in this case, in the comment section for a post by Britney Spears.

In a report by Slovak IT security company ESET Security, they detail this particular example. Nestled in the comments for a Britney Spears photo on Instagram, you could easily mistake it as the ramblings of a delusional idiot. Or a sweatshop worker chained to a computer. But no, it’s Russian Malware, trying to contact its foreign master.

The Malware itself was nestled in a Firefox extension disguised as a security feature. The comment which looked more like a grievous head wound/word salad about having “make loved to [Britney Spears] uupss”? Actually a coded message sent to its controller.

Essentially, it goes through a set source for comments, searching for one with the right hash. When it finds it, it is allowed to connect to its controllers. This lets the controller set when the malware connects with them without having to directly control the malware itself.

ESET hypothesizes that this was merely a test. They linked it to a group named Turla, a cyber espionage group that ESET says has been targeting governments, government officials and diplomats for quite a while.

So, next time you see some moron insisting in broken English that he had sex with some starlet, it might be malware. Maybe.

// Promoted Stories

About Author

B. Simmons

Based out of Glendale California, Bryan is a GAMbIT’s resident gaming contributor. Specializing in PC and portable gaming, you can find Bryan on his 3DS playing Monster Hunter or at one of the various conventions throughout the state.

See author's posts