Russian hackers have found an ingenious way to spread malware among the masses, Instagram and Britney Spears. Instagram is wildly popular among users and depending on who you are, Britney Spears is wildly popular. What better way to get millions of people infected with malware than to leverage the popularity of both these entities. As reported in Engadget, IT security company ESET Security released a report detailing the method used by the hackers to hide a malware link inside an Instagram comment.
If you’re at all familiar with popular social media platforms, you know there are comments that pop up that make no sense. Generally, these are just regarded as SPAM and are usually passed over, but not everyone can resist a hashtag or link. In this case, the hackers disguised a bit.ly link as a hashtag which leads to the malware infection.
The malware was situated in a Firefox browser extension pretending to be a security feature and it would search for hidden links in order to connect back to its control server. And the comment, now deleted, was actually a web address that required a fairly complicated, multi-step process to decipher.
In this case, the malware went through all of the comments on Spears’ Instagram photo and computed a number, or a “hash,” for each one, while it looked for a specific hash. When it found the comment with the right hash, it would check it out for particular characters, grab the letters that came after those characters and turn them it into a link. That link would then let the malware connect to its controllers. Such a method allows the controllers to change where it meets up with the malware without having to change the malware itself.
So be careful out there in social media land, not everything is as it seems.Source: Engadget