Eset security researchers have found that the malware used the Instagram of Britney Spears in order to find the control server that was receiving data and sending instructions to the infected devices.
Russian hackers have been striking various governments for years now. Not only that, but they also tried with different methods of conducting those attacks using the social media websites. Their approach was pretty clever, and they used those sites for concealment of the espionage malware.
Britney Spears’ account has over 16 million followers on Instagram. The posts get millions of views every day and the comment numbers rise into the thousands. There are so many comments that you could hide a coded message between them and it would be all but impossible for the average observer to detect.
A Firefox browser extension meant to offer enhanced security, but the truth is that it give the hackers a method of taking control of the infected systems.
The comment is really an encoded web address, a short URL generated using the popular Bit.ly service. Following the link led ESET to a website that was earlier used in a watering hole attack, a type of attack that targets a specific group of users by compromising a site they’re likely to visit.