A sophisticated hacking group believed to be connected with the Russian government appears to have tested some new malware ... in the comments of a Britney Spears Instagram photo.
Information technology research group ESET spotted the malware hiding in a comment that looks pretty much like any other spam on a Britney Spears photo.
The malware didn't get a lot of play, but the effort seems to be a test for the cyber espionage group known as Turla, according to ESET.
Once a user opens the malware link, the site asks the user to download a Firefox extension that seems harmless enough, but is actually a trojan. Once installed on the user's computer, the trojan relays the user's activity back to Turla.
This particular strategy is known as a "watering hole" tactic, in which hackers attempt to infect a group of users by the leaving malware on a site those users frequently visit.
By dropping malware in a comment on the social platform, hackers were encouraging unwitting Instagram users to infect themselves.
Using social media to conduct a cyber attack is not only something many social media users wouldn't expect, it also allows the attackers to delete the content associated with the link.
Bottom line, as ESET concluded: Update your plug-ins, folks, and don't download random things from strange places.
Read the full article here.