malware in Britney Spears Instagram Photos!

DeathtoGnomes · May 8, 2019

developed malware that hid its control mechanism inside comments posted on Britney Spears' Instagram photos

https://www.zdnet.com/article/russi...hell-of-a-clever-microsoft-exchange-backdoor/

Not surprised hacks are still used in photos.

However, Kaspersky only described the tool in brief.

In addition, if anyone had any doubts LightNeuron was the work of Russian hackers, ESET researchers said that in the cases they investigated they found that Turla operators only sent commands to backdoored servers during a typical 9-to-5 workday in the UTC+3 (Moscow) timezone, and took a break from all operations between December 28, 2018, and January 14, the typical Christmas and New Year holidays for Eastern Orthodox Christians --Russia's main religion.

Kapersky basic blew this off and allowed it to continue without much fanfare something like this usually causes. However, this says they might have a hand in it.

I'm betting some email copies were sent to WikiLeaks.

Vayra86 · May 8, 2019

Britney Spears of all people. I was in elementary school when that was a thing...

Dayum time goes fast

rtwjunkie · May 8, 2019

Its amazing that after almost 20 years her pics are still targeted with infections. They used to be at the top of the list.

Nuke Dukem · May 8, 2019

So this is basically the Anna Kournikova picture worm on steroids :laugh:

sepheronx · May 8, 2019

Nuke Dukem said:
So this is basically the Anna Kournikova picture worm on steroids

Funny how a picture of a tennis star infected millions of computers.

She is a beauty I guess.

Solaris17 · May 8, 2019

Vayra86 said:
Britney Spears of all people. I was in elementary school when that was a thing...

Dayum time goes fast

rtwjunkie said:
Its amazing that after almost 20 years her pics are still targeted with infections. They used to be at the top of the list.

Nuke Dukem said:
So this is basically the Anna Kournikova picture worm on steroids

I bet as steganography techniques get more advanced we see more and more infections like this. I mean in a social media driven internet it would have a huge audience. Especially if the payload was complex, it could be wannacry timeline levels of infection.

Steevo · May 9, 2019

Solaris17 said:
I bet as stenography techniques get more advanced we see more and more infections like this. I mean in a social media driven internet it would have a huge audience. Especially if the payload was complex, it could be wannacry timeline levels of infection.

Always on top of this. Your idea could bring the internet down, multiple payloads that DDOS the servers they are from cascading into Instagram DDOSing itself through users or Facebook. Download a photo and your device starts fetching a list of other pictures to download and run malware distributed on user devices.

moproblems99 · May 9, 2019

rtwjunkie said:
Its amazing that after almost 20 years her pics are still targeted with infections. They used to be at the top of the list.

~~Herpes is the gift that keeps on giving you know.~~

Sorry, that was mean.

johnspack · May 9, 2019

I think most of us in this forum would know not to dl things like that. But Britney Spears? Really?

Solaris17 · May 9, 2019

Steevo said:
Always on top of this. Your idea could bring the internet down, multiple payloads that DDOS the servers they are from cascading into Instagram DDOSing itself through users or Facebook. Download a photo and your device starts fetching a list of other pictures to download and run malware distributed on user devices.

Gets even more crazy when you think about what a picture is as its core. A means to deliver information. Why stop at pictures of the hot new topic? what about infecting air gapped networks? Like those that have been hit before. Im not talking about pics of brad pit, im talking about infecting the .jpg's for the blow out diagrams of sensitive equipment. Even more detrimental since internal systems (like running CnC machines etc) are seldom patched or updated.

Goes even further too. Getting to know your audience right? A picture of the dutchess' new baby will infect alot of people that browse casually, you might not infect alot of people with repair manuals for SCADA systems. But you can do alot of damage by finding popular pictures in a specific field..

For example. Do you want to infect the internal/management network and bypass all the VLANS? No problem. Anyone that knows what a crimper is on this forum has seen this picture.

Find yourself onsite or in the DC out of pre-molded cables and you need to throw one together really quick. I'll bet your not connected to the guest network when looking this up.

Now you own, hospital systems, delivery management networks, banks. etc etc.

moproblems99 · May 9, 2019

Solaris17 said:
what about infecting air gapped networks?

That's what microphones, speakers, and UHF are for.

Bill_Bright · May 9, 2019

There's some misinformation being presented here.

Note the article points out that the backdoor malware was hidden in the comments of the Britney Spears photos. Not in the photos themselves. Once the malware some how gets past all other security measures (this is not explained either) and installs itself on the Exchange server while remaining undetected, then the backdoor malware is able to read hidden commands in email attachments. It seems to me there would have to be a bunch of "what ifs" to take place before a bad guy could actually exploit this vulnerability for nefarious deeds.

I would have to assume too that Microsoft was informed of this vulnerability before this announcement went public now. So hopefully, MS has been able to reproduce it at will, and has already developed and made available the patch for it. We may never know about that.

Steevo · May 10, 2019

Bill_Bright said:
There's some misinformation being presented here.

Note the article points out that the backdoor malware was hidden in the comments of the Britney Spears photos. Not in the photos themselves. Once the malware some how gets past all other security measures (this is not explained either) and installs itself on the Exchange server while remaining undetected, then the backdoor malware is able to read hidden commands in email attachments. It seems to me there would have to be a bunch of "what ifs" to take place before a bad guy could actually exploit this vulnerability for nefarious deeds.

I would have to assume too that Microsoft was informed of this vulnerability before this announcement went public now. So hopefully, MS has been able to reproduce it at will, and has already developed and made available the patch for it. We may never know about that.

We have also had metadata security issues, which can be imbedded into a picture, want to see where this picture was taken? Click and find out......

R-T-B · May 10, 2019

Bill_Bright said:
Note the article points out that the backdoor malware was hidden in the comments of the Britney Spears photos.

Not even malware, but malware control instructions. Sensationalist? Yes, quite a bit. I must've missed that yesterday when I was being offtopic/bad frog.

cucker tarlson · May 10, 2019

Vayra86 said:
Britney Spears of all people. I was in elementary school when that was a thing...

Dayum time goes fast

I was 13 when she was 18,now I'm 31 and she's 44.

bbmarley · May 10, 2019

Quick to point the finger at Kaspersky, What have other AV done about it?

Bill_Bright · May 10, 2019

bbmarley said:
Quick to point the finger at Kaspersky, What have other AV done about it?

Its not about what other programs did. The problem there was Kaspersky was fully aware of the LightNeuron tool way back in Q2 20018 but apparently did nothing about it. Here it is well into Q2 2019 and this threat is making headlines. So yeah, the question is raised - why did Kaspersky sit on a tool for a full year that is known to be used by Russian cyberspies?

Remember, Kaspersky doesn't exactly have a clean history in this area (there are just too many different reports from too many reliable sources for this to be "fake news"!

)

Yes, they make good products and the normal home user probably has nothing to worry about. But free-world governments, universities, banks and other organizations (the primary users of Microsoft Exchange) sure need to be wary of those products. Don't forget too, Eugene Kaspersky studied under the KGB. While he was never an "agent", the ties are well documented.

Is there a smoking gun? Of course not. Putin and the KGB (and FSK today) don't leave smoking guns laying around - except on purpose.

dorsetknob · May 10, 2019

cucker tarlson said:
and she's 44.

What She's had a Boob job

must see pic's

cucker tarlson · May 10, 2019

dorsetknob said:
What She's had a Boob job must see pic's

I'll pass

System Name	Dumbass
Processor	AMD Ryzen 7800X3D
Motherboard	ASUS TUF gaming B650
Cooling	Artic Liquid Freezer 2 - 420mm
Memory	G.Skill Sniper 32gb DDR5 6000
Video Card(s)	GreenTeam 4070 ti super 16gb
Storage	Samsung EVO 500gb & 1Tb, 2tb HDD, 500gb WD Black
Display(s)	1x Nixeus NX_EDG27, 2x Dell S2440L (16:9)
Case	Phanteks Enthoo Primo w/8 140mm SP Fans
Audio Device(s)	onboard (realtek?) - SPKRS:Logitech Z623 200w 2.1
Power Supply	Corsair HX1000i
Mouse	Steeseries Esports Wireless
Keyboard	Corsair K100
Software	windows 10 H
Benchmark Scores	https://i.imgur.com/aoz3vWY.jpg?2

Processor	i7 8700k 4.6Ghz @ 1.24V
Motherboard	AsRock Fatal1ty K6 Z370
Cooling	beQuiet! Dark Rock Pro 3
Memory	16GB Corsair Vengeance LPX 3200/C16
Video Card(s)	ASRock RX7900XT Phantom Gaming
Storage	Samsung 850 EVO 1TB + Samsung 830 256GB + Crucial BX100 250GB + Toshiba 1TB HDD
Display(s)	Gigabyte G34QWC (3440x1440)
Case	Fractal Design Define R5
Audio Device(s)	Harman Kardon AVR137 + 2.1
Power Supply	EVGA Supernova G2 750W
Mouse	XTRFY M42
Keyboard	Lenovo Thinkpad Trackpoint II
Software	W10 x64

System Name	Bayou Phantom
Processor	Core i7-8700k 4.4Ghz @ 1.18v
Motherboard	ASRock Z390 Phantom Gaming 6
Cooling	All air: 2x140mm Fractal exhaust; 3x 140mm Cougar Intake; Enermax T40F Black CPU cooler
Memory	2x 16GB Mushkin Redline DDR-4 3200
Video Card(s)	EVGA RTX 2080 Ti Xc
Storage	1x 500 MX500 SSD; 2x 6TB WD Black; 1x 4TB WD Black; 1x400GB VelRptr; 1x 4TB WD Blue storage (eSATA)
Display(s)	HP 27q 27" IPS @ 2560 x 1440
Case	Fractal Design Define R4 Black w/Titanium front -windowed
Audio Device(s)	Soundblaster Z
Power Supply	Seasonic X-850
Mouse	Coolermaster Sentinel III (large palm grip!)
Keyboard	Logitech G610 Orion mechanical (Cherry Brown switches)
Software	Windows 10 Pro 64-bit (Start10 & Fences 3.0 installed)

System Name	PCGR
Processor	12400f
Motherboard	Asus ROG STRIX B660-I
Cooling	Stock Intel Cooler
Memory	2x16GB DDR5 5600 Corsair
Video Card(s)	Dell RTX 3080
Storage	1x 512GB Mmoment PCIe 3 NVME 1x 2TB Corsair S70
Display(s)	LG 32" 1440p
Case	Phanteks Evolve itx
Audio Device(s)	Onboard
Power Supply	750W Cooler Master sfx
Software	Windows 11

System Name	Rocinante
Processor	I9 14900KS
Motherboard	EVGA z690 Dark KINGPIN (modded BIOS)
Cooling	EK-AIO Elite 360 D-RGB
Memory	64GB Gskill Trident Z5 DDR5 6000 @6400
Video Card(s)	MSI SUPRIM Liquid X 4090
Storage	1x 500GB 980 Pro \| 1x 1TB 980 Pro \| 1x 8TB Corsair MP400
Display(s)	Odyssey OLED G9 G95SC
Case	Lian Li o11 Evo Dynamic White
Audio Device(s)	Moondrop S8's on Schiit Hel 2e
Power Supply	Bequiet! Power Pro 12 1500w
Mouse	Lamzu Atlantis mini (White)
Keyboard	Monsgeek M3 Lavender, Akko Crystal Blues
VR HMD	Quest 3
Software	Windows 11
Benchmark Scores	I dont have time for that.

malware in Britney Spears Instagram Photos!

DeathtoGnomes

Vayra86

rtwjunkie

PC Gaming Enthusiast

Nuke Dukem

sepheronx

Solaris17

Super Dainty Moderator

Steevo

moproblems99

johnspack

Here For Good!

Solaris17

Super Dainty Moderator

moproblems99

Bill_Bright

Steevo

R-T-B

cucker tarlson

bbmarley

Bill_Bright

dorsetknob

"YOUR RMA REQUEST IS CON-REFUSED"

cucker tarlson

System Name	Compy 386
Processor	7800X3D
Motherboard	Asus
Cooling	Air for now.....
Memory	64 GB DDR5 6400Mhz
Video Card(s)	7900XTX 310 Merc
Storage	Samsung 990 2TB, 2 SP 2TB SSDs and over 10TB spinning
Display(s)	56" Samsung 4K HDR
Audio Device(s)	ATI HDMI
Mouse	Logitech MX518
Keyboard	Razer
Software	A lot.
Benchmark Scores	Its fast. Enough.

System Name	Wut?
Processor	3900X
Motherboard	ASRock Taichi X570
Cooling	Water
Memory	32GB GSkill CL16 3600mhz
Video Card(s)	Vega 56
Storage	2 x AData XPG 8200 Pro 1TB
Display(s)	3440 x 1440
Case	Thermaltake Tower 900
Power Supply	Seasonic Prime Ultra Platinum

System Name	System2 Blacknet , System1 Blacknet2
Processor	System2 Threadripper 1920x, System1 2699 v3
Motherboard	System2 Asrock Fatality x399 Professional Gaming, System1 Asus X99-A
Cooling	System2 Noctua NH-U14 TR4-SP3 Dual 140mm fans, System1 AIO
Memory	System2 64GBS DDR4 3000, System1 32gbs DDR4 2400
Video Card(s)	System2 GTX 980Ti System1 GTX 970
Storage	System2 4x SSDs + NVme= 2.250TB 2xStorage Drives=8TB System1 3x SSDs=2TB
Display(s)	2x 24" 1080 displays
Case	System2 Some Nzxt case with soundproofing...
Audio Device(s)	Asus Xonar U7 MKII
Power Supply	System2 EVGA 750 Watt, System1 XFX XTR 750 Watt
Mouse	Logitech G900 Chaos Spectrum
Keyboard	Ducky
Software	Manjaro, Windows 10, Kubuntu 23.10
Benchmark Scores	It's linux baby!

System Name	Brightworks Systems BWS-6 E-IV
Processor	Intel Core i5-6600 @ 3.9GHz
Motherboard	Gigabyte GA-Z170-HD3 Rev 1.0
Cooling	Quality case, 2 x Fractal Design 140mm fans, stock CPU HSF
Memory	32GB (4 x 8GB) DDR4 3000 Corsair Vengeance
Video Card(s)	EVGA GEForce GTX 1050Ti 4Gb GDDR5
Storage	Samsung 850 Pro 256GB SSD, Samsung 860 Evo 500GB SSD
Display(s)	Samsung S24E650BW LED x 2
Case	Fractal Design Define R4
Power Supply	EVGA Supernova 550W G2 Gold
Mouse	Logitech M190
Keyboard	Microsoft Wireless Comfort 5050
Software	W10 Pro 64-bit

System Name	Pioneer
Processor	Ryzen R9 7950X
Motherboard	GIGABYTE Aorus Elite X670 AX
Cooling	Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory	64GB (4x 16GB) G.Skill Flare X5 @ DDR5-6000 CL30
Video Card(s)	XFX RX 7900 XTX Speedster Merc 310
Storage	2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs
Display(s)	55" LG 55" B9 OLED 4K Display
Case	Thermaltake Core X31
Audio Device(s)	TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply	FSP Hydro Ti Pro 850W
Mouse	Logitech G305 Lightspeed Wireless
Keyboard	WASD Code v3 with Cherry Green keyswitches + PBT DS keycaps
Software	Gentoo Linux x64

System Name	Purple rain
Processor	10.5 thousand 4.2G 1.1v
Motherboard	Zee 490 Aorus Elite
Cooling	Noctua D15S
Memory	16GB 4133 CL16-16-16-31 Viper Steel
Video Card(s)	RTX 2070 Super Gaming X Trio
Storage	SU900 128,8200Pro 1TB,850 Pro 512+256+256,860 Evo 500,XPG950 480, Skyhawk 2TB
Display(s)	Acer XB241YU+Dell S2716DG
Case	P600S Silent w. Alpenfohn wing boost 3 ARGBT+ fans
Audio Device(s)	K612 Pro w. FiiO E10k DAC,W830BT wireless
Power Supply	Superflower Leadex Gold 850W
Mouse	G903 lightspeed+powerplay,G403 wireless + Steelseries DeX + Roccat rest
Keyboard	HyperX Alloy SilverSpeed (w.HyperX wrist rest),Razer Deathstalker
Software	Windows 10
Benchmark Scores	A LOT

Processor	2500k
Motherboard	Asrock Extreme3 Gen3
Cooling	CM Hyper 212 EVO
Memory	16G Corsair Vengence
Video Card(s)	XFX 390 DD BE
Storage	OCZ Agility3 / F1 1tb
Display(s)	Hazro HZ27WC 2560x1440 / x3 BenQ G2222HDL Eyefinity - 5760x1080
Case	Fractal Design Define XL
Audio Device(s)	Onboard / Edifier RT1600
Power Supply	Cooler Master Silent Pro Gold 700W