Skip to main content
  1. Home
  2. Computing
  3. Web
  4. News

Hackers use Britney Spears’ Instagram to hide instructions for malware attack

Add as a preferred source on Google

Hacking groups are always working on new ways to perpetrate attacks, and now there’s evidence that a Russian outfit known as Turla has figured out a method of using Instagram to carry out its activities. Earlier this week, a report was published that suggests Britney Spears’ account on the photo-sharing service was used as a staging area for a Trojan attack.

The information published by antivirus developer Eset revolves around a Firefox browser extension, according to a report from Ars Technica. The extension purported to offer enhanced security, but in fact served to give the hackers a method of seizing control over an infected system.

Recommended Videos

A bit.ly URL directed the extension toward its command and control server, but the address was not actually present in its source code. Instead, it was hidden away in a seemingly random comment on one of Spears’ Instagram posts.

The extension would pore over each photo’s comments, computing a custom hash value for each string of text. When it found the comment with a hash that matched with the stipulated value of 183, it ran a regular expression — a sequence of characters that defines a search pattern — on the comment to translate it into the URL.

Eset researchers managed to discover a bit.ly URL hidden in this manner, which linked to a domain that has been used by Turla in the past.

The URL in question only received a small number of visits around the time when the Instagram post was published, which can be interpreted either as a sign that the malware is still being put through its paces, or that the attack was highly targeted.

Firefox developers are apparently in the process of tweaking the browser so that the current implementation of this attack won’t work in the future.

Brad Jones
Brad is an English-born writer currently splitting his time between Edinburgh and Pennsylvania. You can find him on Twitter…
South Korea wants to give every citizen free, unlimited access to its own AI chatbot
The government-backed service could turn generative AI into public infrastructure instead of another monthly subscription
Electronics, Mobile Phone, Phone

South Korea wants to give every citizen free access to an AI chatbot with no usage limits. That puts the technology closer to a public utility than another premium service demanding a monthly subscription.

The Ministry of Science and ICT announced the AI for Everyone project on July 13. Private companies will build the platform around locally developed models, while a separate AI agent will help people navigate government services. It’s a more practical job than generating emails or settling arguments nobody wanted to research themselves.

Read more
Falling in love with a chatbot is now off limits for kids in China
The crackdown targets emotional AI relationships as regulators worry about the country's record low birthrate.
Replika AI companion app on an iPhone in hand

Ever since AI chatbots arrived on the scene, there has been one aspect that has worried lawmakers and experts a lot: humans forming emotional connections with chatbots. There have been plenty of cases where over-reliance on these AI companions or partners has resulted in medical emergencies, lost lives, and triggered multiple lawsuits against the likes of OpenAI and Meta.

China cracks down on AI companion apps

Read more
Russian hackers keep finding their way into critical networks through neglected routers
A multinational warning says outdated firmware, weak passwords, and insecure settings are giving state-backed attackers an easy opening
A Wi-Fi router next to a laptop.

Russian state-backed hackers have spent more than a decade exploiting a stubborn weakness in critical infrastructure networks. Organizations are still leaving poorly configured and outdated routers exposed to the internet.

In a joint cybersecurity advisory, the NSA, CISA, FBI, and international partners warn that hackers linked to Center 16 of Russia’s Federal Security Service are continuing to target vulnerable networking equipment. Energy, healthcare, and government networks are among the sectors facing the highest risk.

Read more