Britney Spears’ Instagram account is hacked
Russian group’s code message looked like jibberish from a fan
Pop star Britney Spears’ Instagram account was used by Russian hackers as a secret bulletin board to place coded messages that were part of a malware scheme, a security company reported.
Slovakian antivirus company ESET said in a blog post it had found encoded messages in the comments section of Spears’ account that, when scanned by a malware-infected computer, would give directions on where to send stolen information.
One comment posted in February looked a semi-incomprehensible fan posting: “#2hot make loved to her, uupss HHot #X”
However, to those knowing what to look for, it could be translated into a website address that allowed malware to communicate with the computers controlling it. The subterfuge was to ensure there was no easily followed trail between the hackers’ computers and the infiltrated computers.
Spears would have had no knowledge some of the comments posted in her official Instagram account were coded messages between hacked computers, ESET senior malware researcher Jean-Ian Boutin said.
There was also no danger to anyone reading or following the account, Boutin said, and no possibility that their devices could have been contaminated.
Spears’ publicist did not immediately respond to a request for comment.
The message is akin to a spy leaving a window shade up or down to communicate with the agent’s handlers.
In this case, ESET researchers were tracking a Russian-speaking hacker gang that historically has targeted diplomatic, government and defense entities across Europe, Central Asia, the Middle East, and the United States, said Cristiana Brafman Kittner with computer security company FireEye.