According to a report from Slovak IT security company ESET Security, hackers have managed to hide instructions for Russian malware within Instagram comments. The malware itself isn’t in the comments, since a comment is just text; instead, the comment encodes a link that tells the malware how to get in touch with its controllers.
A report from Popular Mechanics writes, “For this comment, it would scan through looking for certain characters including hashtags and an invisible one called a ‘Zero Width Joiner’ which is usually used to combine two emoji parts (like ‘Man’ and ‘Light Skin Tone’) into a single combo-moji. Finally, it would take the letters that occurred after these flag characters, and use them to make part of a Bit.ly link where the malware would actually connect with its controllers.” In the particular comment shown in the screenshot above, the malware basically converts the text into a link.
ESET Security suggests that this might only be a “test” and has linked the malware to a group called Turla. It should also be noted that this malware was hidden in a Firefox browser extension that pretended to be a security feature, so it is unclear how widespread it is. The next time you see comments that don’t seem to make sense, they could be more nefarious than just simple spam.
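A defensive check for the technique described above, as an added example that is not taken from ESET's report or from the original article: it flags comments in which a Zero Width Joiner sits directly in front of an ASCII letter or digit rather than between two emoji. The function names, the threshold of 2 and the sample comments are assumptions constructed for illustration.

```python
import unicodedata

ZWJ = "\u200d"  # ZERO WIDTH JOINER, the invisible flag character named in the report


def next_visible(comment: str, i: int) -> str:
    """Return the first character after index i that is not an invisible format char."""
    for ch in comment[i + 1:]:
        if unicodedata.category(ch) != "Cf":  # Cf covers ZWJ and similar
            return ch
    return ""


def hidden_joiner_offsets(comment: str) -> list[int]:
    """Offsets of ZWJ characters whose next visible character is an ASCII letter/digit.

    A ZWJ followed by an emoji (emoji sequences) or by a non-Latin letter
    (e.g. Devanagari conjuncts) is legitimate and is not reported.
    """
    offsets = []
    for i, ch in enumerate(comment):
        if ch == ZWJ:
            nxt = next_visible(comment, i)
            if nxt.isascii() and nxt.isalnum():
                offsets.append(i)
    return offsets


def triage(comment: str, threshold: int = 2) -> dict:
    """Flag a comment for review; threshold is an assumed tuning value.

    Hashtags are not counted: they are too common to be a signal alone.
    """
    offsets = hidden_joiner_offsets(comment)
    return {
        "flagged": len(offsets) >= threshold,
        "offsets": offsets,
        "visible": comment.replace(ZWJ, "<ZWJ>"),  # make joiners visible to an analyst
    }


# Constructed sample comments (not taken from the real campaign).
SAMPLES = {
    "emoji": "Family day \U0001F468\u200d\U0001F469\u200d\U0001F467 great shot #nofilter",
    "devanagari": "\u0915\u094d\u200d\u0937 #hindi",
    "suspicious": "lo\u200dve this #p\u200dhoto so m\u200duch",
}

if __name__ == "__main__":
    for name, text in SAMPLES.items():
        print(name, triage(text))
```
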