Spears’ Instagram comments are reportedly being used by Russian hackers to share malware instructions. According to a report from Slovakian security firm ESET, a hacking group called Turla left a now-deleted comment back in January that possibly directed hackers to command & control malware.
Select All explains, “The comment read, ‘#2hot make loved to her, uupss #Hot #X.’ While that might sound like nonsense to a normal person just looking to enjoy some good Spears content, it actually contains coded— ‘2kdhuHX’—malware.” The ‘2kdhuHX’ string of letters could be added to a bit.ly, which would direct hackers to the right location. Weird.
The messages by themselves weren’t clickable, though, so they didn’t pose a threat to anyone who happened to see them beneath Spears’ photo. ESET senior malware researcher Jean-Ian Boutin told USA Today the practice “isn’t necessarily common” in the hacking world.
According to the report, Turla is known to take aim at diplomatic and defense arms of countries like the United States. It specifically “infects computer networks with malware” and then uses messages like the ones on Spears’s account “to find out where to send the stolen materials.”
ESET believes the link was “just a test,” but it serves as a good reminder not to click on anything you find in the comments of a 90s pop icon.