Russian malware communicates by leaving comments in Britney Spears's Instagram account

Originally published at: http://boingboing.net/2017/06/07/watering-holes.html

2 Likes

Well that’s clever.

23 Likes

I’m not even mad, I’m impressed. That is extremely clever.

25 Likes

Yup. Novel and new, but in the past things like IRC channels, XMPP users, AIM users, etc. all have been used for C&C channels. Very much an evolution, and authors thinking, “where, where else can we put this stuff?”

15 Likes

Well, they are not going to be using it for much longer now…

9 Likes

Agreed. I consider myself an out of the box thinker but this makes me step back and say

16 Likes

This explains all YouTube comments

62 Likes

Aah, but Theresa May is to be the new sheriff, and she’s gonna clean up Internet Town, she sure is, I betcha. A couple of new laws and all this stuff is gonna be history…

…my arse.

16 Likes

So many key rotation opportunities - different accounts, false trails, etc.

But the surface vector is really low - Instagram could just strip all zero-width-characters from their comments with a single API update.

7 Likes

Thi‍S is inter‍Esti‍Ng, but har‍Dly a ‍New form of comm‍Unication for malware. In‍Deed, w‍Ebsite comment thread‍S have been used this way for years.

30 Likes

Steganography is sad.

2 Likes

36 Likes

Oops, they did it again.

27 Likes

…and then break all the languages, like Arabic, which rely on zero width characters.

7 Likes
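
The trade-off raised in the two comments above (strip every zero-width character versus breaking scripts that need them), as an added example that is not part of the thread and not Instagram's code: a filter that flags invisible characters only where the neighbouring characters give no orthographic reason for them. The code-point list, the script list and the sample strings are assumptions constructed for this illustration.

```python
import unicodedata

# Invisible code points checked here (assumed list for this example, not exhaustive).
ZERO_WIDTH = {"\u200b", "\u200c", "\u200d", "\u2060", "\ufeff"}
JOINERS = {"\u200c", "\u200d"}  # ZWNJ and ZWJ have real orthographic uses
# Unicode-name prefixes of scripts that use joiners in ordinary text (assumed, non-exhaustive).
JOINER_SCRIPTS = ("ARABIC", "DEVANAGARI", "BENGALI", "MALAYALAM", "SINHALA")


def _uses_joiners(ch):
    """True for a letter of a joiner-using script or an emoji-like symbol."""
    if not ch:
        return False
    if unicodedata.category(ch) == "So":  # emoji ZWJ sequences, e.g. woman + laptop
        return True
    return unicodedata.name(ch, "").startswith(JOINER_SCRIPTS)


def suspicious_zero_width(text):
    """Return [(index, 'U+XXXX')] for invisible characters with no script justification."""
    hits = []
    for i, ch in enumerate(text):
        if ch not in ZERO_WIDTH:
            continue
        prev = text[i - 1] if i > 0 else ""
        nxt = text[i + 1] if i + 1 < len(text) else ""
        if ch in JOINERS and _uses_joiners(prev) and _uses_joiners(nxt):
            continue  # plausible Persian/Indic/emoji usage: leave it alone
        hits.append((i, f"U+{ord(ch):04X}"))
    return hits


def strip_suspicious(text):
    """Remove only the flagged characters, preserving legitimate joiners."""
    drop = {i for i, _ in suspicious_zero_width(text)}
    return "".join(c for i, c in enumerate(text) if i not in drop)


# Constructed samples (not taken from any real comment).
LATIN_HIDDEN = "ni\u200dce pi\u200dc"  # joiners inside Latin words
PERSIAN = "\u0645\u06cc\u200c\u062e\u0648\u0627\u0647\u0645"  # ZWNJ is required here
EMOJI = "\U0001F469\u200d\U0001F4BB"  # woman technologist ZWJ sequence

if __name__ == "__main__":
    for s in (LATIN_HIDDEN, PERSIAN, EMOJI):
        print(ascii(s), suspicious_zero_width(s))
```

Flagged positions are better logged for review than silently dropped, since the position of the marks is itself the signal an analyst would want to see.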

Reminds me of the old site about Britney teaching physics - http://britneyspears.ac/lasers.htm

1 Like

You are assuming they or indeed any large company gives a damn, has the tech chops to understand what you just said (at management levels) and can be convinced/forced to spend even ten cents on something that isn’t a profit center.

People can’t get some of these places to install basic security patches let alone actually write custom code for someone else’s benefit.

4 Likes

Britney Spears and Instagram.

Excellent! Never been there. Never done that.

5 Likes

Feature, not a bug? #PoesLaw

2 Likes

Yeah, Instagram has like 50 employees, they’re not really a “large” company. And their CTO wrote Instagram, he’s got tech chops.

5 Likes

That is a tough technical trick there. Think of all the properties that message needs to meet: 1) encodes the new URL, 2) hides the URL, 3) looks like a normal post, 4) hashes to a specific value. I am really interested in the algorithms and compute time required to generate such a message. It feels like it would be hard to forge such a message.

6 Likes