A Russia-linked cyber espionage group used a Britney Spears Instagram to spread malware

A sophisticated hacking group believed to be connected with the Russian government appears to have tested some new malware ... in the comments of a Britney Spears Instagram photo.

*sigh* 2017.

Information technology research group ESET spotted the malware hiding in a comment that looks pretty much like any other spam on a Britney Spears photo.

The malware didn't get a lot of play, but the effort seems to be a test for the cyber espionage group known as Turla, according to ESET.

Once a user opens the malware link, the site asks the user to download a Firefox extension that seems harmless enough, but is actually a trojan. Once installed on the user's computer, the trojan relays the user's activity back to Turla.

This particular strategy is known as a "watering hole" tactic, in which hackers attempt to infect a group of users by the leaving malware on a site those users frequently visit.

By dropping malware in a comment on the social platform, hackers were encouraging unwitting Instagram users to infect themselves.

Using social media to conduct a cyber attack is not only something many social media users wouldn't expect, it also allows the attackers to delete the content associated with the link.

Bottom line, as ESET concluded: Update your plug-ins, folks, and don't download random things from strange places.

Read the full article here.