Russian hacker group used Britney Spears' Instagram to hide their control servers

Want to hide your command and control server? Just post it on Instagram Yes, you read that title right. As reported by Ars Technica , the ...

Want to hide your command and control server? Just post it on Instagram

Yes, you read that title right. As reported by Ars Technica, the Russian hack group Turla has found a unique way to keep the URL of their command and control server secret: by posting it on Britney Spears's Instagram. The command and control server is what malware typically communicates with to receive instructions and where it offloads stolen data from the victim. On the surface, creating a C&C server seems simple but it's actually a difficult problem for malware makers to solve.

The malware needs to know what server to communicate with but simply coding that in doesn't make for very good malware. Security analysts can simply go through the source code, find the URL, and issue a patch that blocks traffic to that server. This is similar to what helped bring down the WannaCry ransomware attack.

To ensure the malware knows who to talk to without anyone else knowing, Turla implemented a simple yet brilliant approach to locating the control server. The group deliberately placed comments on certain Instagram posts that could be referenced by the malware. The software would then scan and hash each comment until it found one that returned a certain value (183 in this case). Then by simply running an mathematical expression on the characters of the comment, the C&C URL was able to be obtained.

Since the server is never directly referenced in the comment or the source code, the malware was very hard to detect. The actual comment in question was "#2hot make loveid to her, uupss #Hot #X" and contained several non-printable Unicode characters to help create the URL.


http://www.techspot.com/news/69607-russian-hacker-group-used-britney-spears-instagram-hide.html
Name

English News techspot.com
false
ltr
item
Techno - Gampong IT - Reference Information Technology: Russian hacker group used Britney Spears' Instagram to hide their control servers
Russian hacker group used Britney Spears' Instagram to hide their control servers
http://www.techspot.com/images2/news/bigimage/2017/06/2017-06-06-image-5.png
Techno - Gampong IT - Reference Information Technology
http://techno.gampongit.com/2017/06/russian-hacker-group-used-britney.html
http://techno.gampongit.com/
http://techno.gampongit.com/
http://techno.gampongit.com/2017/06/russian-hacker-group-used-britney.html
true
7281475864779722461
UTF-8
Tidak ditemukan artikel apapun LIHAT SEMUA Selengkapnya Balas Batal Balas Hapus Oleh Beranda HALAMAN ARTIKEL Lihat Semua REKOMENDASI LABEL ARSIP SEARCH SEMUA ARTIKEL Tidak ditemukan posting yang sesuai dengan permintaan Anda Halaman Utama Minggu Senin Selesa Rabu Kamis Jumat Sabtu Min Sen Sel Rab Kam Jum Sab Januari Februari Maret April Mei Juni Juli Agustus September Oktober November Desember Jan Feb Mar Apr Mei Jun Jul Agu Sep Okt Nov Des baru saja 1 menit lalu $$1$$ minutes ago 1 jam lalu $$1$$ hours ago Kemarin $$1$$ days ago $$1$$ weeks ago lebih dari 5 minggu yang lalu Pengikut Ikuti KONTEN PREMIUM Silakan share untuk membuka Salin Semua Code Pilih Semua Code Semua kode disalin ke clipboard Anda Tidak dapat menyalin kode/teks, silakan tekan [CTRL] + [C] (atau CMD + C dengan Mac) untuk menyalin