Lurking within glowing Instagram comments under a steamy post of pop icon Britney Spears, Slovakian IT security experts have uncovered that a seemingly jumbled comment was actually Russian malware.
Officials with ESET Security released a report earlier this week detailing a keenly hidden post − among more than 7,000 comments − that looked to be nothing more than spam, according to Engadget, a technology news site.
The malware was situated in a Firefox browser extension posing as a security feature. The malware would search for hidden links in order to connect back to its control server, according to the ESET report. And the comment, now deleted, was actually a web address that required a quite complicated, multi-step process to decipher.
In the case of the post above, the malware went through all of Spears’ comments looking for a specific hash. When it found the comment with the right hash, it would check it for particular characters, grab the letters that came after those characters and turn them it into a link, which would connect to malware.
ESET Security said they believe this particular post was just a test and linked the malware scheme to a group called Turla, a cyber espionage group that has reportedly targeted governments, government officials and diplomats for years.
So, why Britney?
We may never know. But the Princess of Pop offers a valuable lesson to Instagram users. Those weird comments under your selfie − like the torrid affairs Spears sings of − can be toxic.