Russian malware communicates by leaving comments in Britney Spears's Instagram account

A new analysis by Eset shows that Turla is solving its C&C problems by using Britney Spears’ Instagram account as a cut-out for its C&C servers. Turla moves the C&C server around, then hides the current address of the server in encrypted comments left on Britney Spears’s image posts. The compromised systems check in with Spears’s Instagram whenever they need to know where the C&C server is currently residing.