Britney Spears' Instagram Used by Russian Hackers - Rolling Stone
Home Culture Culture News

Britney Spears’ Instagram Used by Russian Hackers

Malware hidden in pop star’s comment section deployed as way to communicate

Britney SpearsBritney Spears

Russian hackers used Britney Spears' Instagram to communicate malware code in her comment section.

Steve Jennings/Getty

Britney Spears was an unwitting victim of Russian hackers, and the pop star likely had no idea as their actions were carefully hidden. According to a report released this week from Slovakian security firm ESET (via Engadget), the hackers used Spears’ Instagram as a means to communicate utilizing malware.

As Engadget reports, among thousands of innocuous comments found on Instagram, there are some that contain covert malware instructions. ESET found that Turla, a Russian group ESET says has long targeted governments, government officials and diplomats, had posted a comment on one of Spears’ Instagram photos.

“We are aware of this activity and have taken action against the responsible account,” a rep for Instagram tells Rolling Stone while declining to provide further detailA rep for Spears did not immediately reply to Rolling Stone‘s request for comment. 

The hacker comment, which in the original post has since been deleted, was screen captured by ESET. It was posted in February. “#2hot make loved to her, uupss #Hot #X,” user asmith2155 wrote. While it looks like random spam, in this case it was a more sinister means to communicate with compromised computers. Hidden in that comment was a trackable hash that contained a string of characters – in this case 2kdhuHX – that correlated with a link. That link would in turn connect to the malware’s command-and-control (C&C) server.

Due to the low number of hits on the link, ESET surmised this particular comment was simply a test post. Spears and other high profile Instagram accounts with millions of followers make good places for these kinds of codes and messages to hide. Spears’ original post was made in January, a month before the malicious comment was made, so there were already a couple thousand comments in which that comment could be buried, making it more difficult for anti-hacking trackers to discover. Plus, as was done in this case, the comment is easy to delete, making it even harder to track when hackers’ malware communicate via Instagram comments.

In This Article: Britney Spears


Powered by
Arrow Created with Sketch. Calendar Created with Sketch. Path Created with Sketch. Shape Created with Sketch. Plus Created with Sketch. minus Created with Sketch.