How Russian Hackers Used Britney Spears’s Instagram to Communicate

UPDATED | Russian hackers reportedly used pop music star Britney Spears’s official Instagram account to communicate by planting coded messages within comments on her posts, USA Today reported, citing a Slovakian-based IT security company.

Unbeknownst to the “Toxic” crooner, the Russian-speaking hacker group Turla would use seemingly vague gibberish in the comments section—and in plain sight of an account that has 16.9 million followers—the company ESET stated in a blog post. Random phrases like “#2hot make loved to her, uupss HHot #X” were actually ways to relay to other hackers where to drop stolen information in a malware scheme.

The messages by themselves weren’t clickable and thus didn’t pose a threat to anyone who happened to view Spears’s account or see them.

“There is no active or clickable content, in this case, no harm can be done to the account’s followers,” ESET senior malware researcher Jean-Ian Boutin told USA Today.

He said the practice isn’t necessarily common in the hacking world.

According to the report, Turla is known to take aim at both the diplomatic and defense arms of countries like the United States as well as those in Europe, the Middle East and Central Asia. It specifically infects computer networks with malware and then uses messages like those on Spears’s account to find out where to send the stolen materials.

For big celebrities likes Spears or even lesser ones, problems with hacking more often involve their accounts being taken over. In June of last year, one prominent hacker named J5Z managed to gain access to the Twitter accounts of major celebrities including Drake, former Beatle George Harrison, Rolling Stones guitarist Keith Richards and roughly a dozen others, The Daily Beast reported.

Some female celebrities like Spears have also found their personal (and sometimes very private) photos dumped on the Internet. Earlier this year, actresses Emma Watson and Amanda Seyfried were among victims of such hacks, while stars like actress Jennifer Lawrence, reality-television personality Kim Kardashian and others found their accounts had been invaded over an almost-two year period, with some photos released in September 2014.

This article was updated to correct the provenance of IT security firm ESET.