Russian hackers are using unusual methods to launch their latest malware attack.
Security researchers have discovered that hackers have booby trapped images posted to Britney Spears’s Instagram account
Researchers from security firm ESET found that hackers had been have been leaving comments that contain malware on the pop star’s Instagram account.
The comments don’t look anything out of the ordinary but are actually encoded with a web address from popular link shortening service Bit.ly and are used to trick unsuspecting users to download a fake Firefox browser plugin.
Once download the plugin monitors everything typed into the browser, giving hackers access to passwords and other sensitive data.
The encoded comments left by the hackers on Spear’s Instagram posts tell the malware how to connect with their servers.
This unusual approach is known as a ‘watering hole attack’ and is increasingly being used by hackers to target web users as by and large can be difficult to detect.
Watering hole attacks typically target users of high traffic websites like Instagram.
ESET named those responsible for the hack as being part of an espionage group named Turla, which reportedly has links to the Russian government.
Revealing its findings in a blog post, ESET said: “We noticed that this extension was distributed through a compromised Swiss security company website. Unsuspecting visitors to this website were asked to install this malicious extension.
“The extension is a simple backdoor, but with an interesting way of fetching its C&C [control and command]domain.”
“The one that was used in the analysed sample was a comment on a photo posted to the Britney Spears official Instagram account,” the firm said.