Russian malware communicates by leaving comments in Britney Spears's Instagram account

boing
#1

Originally published at: http://boingboing.net/2017/06/07/watering-holes.html

2 Likes
#2

Well that’s clever.

23 Likes
#3

I’m not even mad, I’m impressed. That is extremely clever.

25 Likes
#4

Yup. Novel and new, but in the past things like IRC channels, XMPP users, AIM users, etc. all have been used for C&C channels. Very much an evolution, and authors thinking, “where, where else can we put this stuff?”

15 Likes
#5

Well they are not going to be using for much longer now…

9 Likes
#6

Agreed. I consider myself an out of the box thinker but this makes me step back and say

16 Likes
#7

This explains all YouTube comments

62 Likes
#8

Aah, but Teresa May is to be the new sheriff, and she’s gonna clean up Internet Town, she sure is, I betcha. A couple of new laws and all this stuff is gonna be history…

…my arse.

16 Likes
#9

So many key rotation opportunities - different accounts, false trails, etc.

But the surface vector is really low - Instagram could just strip all zero-width-characters from their comments with a single API update.

7 Likes
#10

Thi‍S is inter‍Esti‍Ng, but har‍Dly a ‍New form of comm‍Unication for malware. In‍Deed, w‍Ebsite comment thread‍S have been used this way for years.

30 Likes
#11

Steganography is sad.

2 Likes
#12

c48fb42bbf6d108a44c6c9cf48cd209c.jpg736×736 105 KB

36 Likes
#13

Oops, they did it again.

27 Likes
#14

…and then break all the languages, like arabic, which rely on zero width characters.

7 Likes
#15

reminds me of the old site about Brittney teaching physics - - http://britneyspears.ac/lasers.htm

1 Like
#16

You are assuming they or indeed any large company gives a damn, has the tech chops to understand what you just said (at management levels) and can be convinced/forced to spend even ten cents on something that isn’t a profit center.

People can’t get some of these places to install basic security patches let alone actually write custom code for someone else’s benefit.

4 Likes
#17

Britney Spears and Instagram.

Excellent! Never been there. Never done that.

5 Likes
#18

Feature, not a bug? #PoesLaw

2 Likes
#19

Yeah, Instagram has like 50 employees, they’re not really a “large” company. And their CTO wrote Instagram, he’s got tech chops.

5 Likes
#20

That is a tough technical trick there. Think of all the properties that message needs to met 1) encodes the new URL 2) hides the URL 3) looks like a normal post 4) hashes to a specific value. I am really interested in the algorithms and compute time required to generate such a message. It feels like it would be hard to forge such a message.

6 Likes