Published: Fri, June 09, 2017
Entertainment | By Lawrence Myers

Russian hackers hiding malware in Britney Spears Instagram comments

The hacking group Turla has been involved in a variety of malware campaigns, some of which used satellite-based Internet connections to hide their servers.

The hackers are using comments on Britney Spears's account to give the malware instructions. The group previously targeted embassies in Ukraine, China, Germany and several other countries, a state electrical authority in the Middle East, and a medical organization in the USA, according to Symantec, a security software company based in the US. To send a target computer's data, however, the trojan used a very interesting method. "In fact, it will obtain this path by using comments posted on a specific Instagram post", the researchers said. The backdoored extension can upload and download files from the command server, and execute applications or code. Gizmodo explained how the method worked.

"Attackers using social media to recover a [command and control] C&C address are making life harder for defenders", say researchers from security firm ESET, which uncovered the attack.

Information technology research group ESET spotted the malware hiding in a comment that looks pretty much like any other spam on a Britney Spears photo.

This link connects the malware to its command-and-control (C&C) server, which gives it instructions on what to do and retrieves stolen data.

When the malware detected the comment, it generated a URL. User "asmith255" posted a seemingly innocuous comment in February.

The extension would look for a comment that met certain mathematical parameters. The custom hash value, in turn, would retrieve the following bit.ly URL.

ESET named those responsible for the hack as being part of an espionage group named Turla, which reportedly has links to the Russian government.

The comment is, on its face, fairly unremarkable, reading "#2hot makes love to her, uupss #Hot #X".

As it was only accessed a few times, ESET believes that the bit.ly URL was only used in tests. The extension works as a backdoor and finds its parent server through comments on social media.
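An added example, not from ESET or the original article: a hunting heuristic over proxy logs for the chain described above, in which a client fetches a social-media page, then looks up a URL shortener, then contacts a host not seen before. The log format, host lists, 60-second window and all sample lines are assumptions constructed for illustration.

```python
from datetime import datetime, timedelta

SOCIAL = {"instagram.com", "www.instagram.com"}   # assumed category list
SHORTENERS = {"bit.ly"}                           # assumed category list
WINDOW = timedelta(seconds=60)                    # assumed correlation window

# Constructed proxy log lines: "timestamp client destination-host"
SAMPLE_LOG = """\
2017-06-06T09:00:01 ws-014 www.instagram.com
2017-06-06T09:00:02 ws-014 static.example.com
2017-06-06T09:00:03 ws-014 bit.ly
2017-06-06T09:00:04 ws-014 updates.example.net
2017-06-06T09:05:00 ws-022 www.instagram.com
2017-06-06T09:05:10 ws-022 www.example.org
2017-06-06T09:30:00 ws-031 www.instagram.com
2017-06-06T09:45:00 ws-031 bit.ly
2017-06-06T09:45:02 ws-031 cdn.example.com
"""

def parse(log_text):
    """Yield (timestamp, client, host) from the constructed log format."""
    for line in log_text.splitlines():
        if line.strip():
            ts, client, host = line.split()
            yield datetime.fromisoformat(ts), client, host.lower()

def find_chains(log_text, known_hosts=frozenset()):
    """Return (client, shortener, new_host) for every social-media fetch
    followed by a shortener lookup and a first-seen host within WINDOW."""
    state = {}                # client -> (stage, time of last stage, shortener)
    seen = set(known_hosts)   # baseline of hosts already observed
    hits = []
    for ts, client, host in sorted(parse(log_text)):
        stage, last, short = state.get(client, (0, ts, None))
        if ts - last > WINDOW:          # chain went stale, start over
            stage = 0
            state.pop(client, None)
        if host in SOCIAL:
            state[client] = (1, ts, None)
        elif host in SHORTENERS:
            if stage == 1:
                state[client] = (2, ts, host)
        elif stage == 2 and host not in seen:
            hits.append((client, short, host))
            state.pop(client, None)
        seen.add(host)
    return hits

if __name__ == "__main__":
    for hit in find_chains(SAMPLE_LOG):
        print("review:", hit)
```

Users following shortened links from social media will also match, so treat hits as leads and seed `known_hosts` from a baseline period.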

Mr Boutin added that he had been in touch with Mozilla, which was working on ways to stop extensions for Firefox being compromised in this way. Instagram is wildly popular among users and, depending on who you are, Britney Spears is wildly popular.
