Skip to Content

Britney Spears’ Instagram Is a Secret Testing Ground For Russian Hackers

102.7 KIIS FM's Jingle Ball - Show102.7 KIIS FM's Jingle Ball - Show
Britney Spears performs onstage during 102.7 KIIS FM's Jingle Ball 2016 presented by Capital One at Staples Center on December 2, 2016 in Los Angeles, California.Kevin Winter Getty Images for iHeartMedia

With Instagram fame comes Instagram…malware?

On Tuesday, a security firm found that a Russian-speaking hacker group has been using Britney Spears’ Instagram page as a hub for distributing its malware.

The group, called Turla, posted comments about images on the pop star’s page that look like spam, but are actually directions for malware to contact the group’s command and control servers.

As Gizmodo explains, “These servers send instructions and act as a repository for stolen information. Using an encoded coded comment on Britney Spears Instagram post, the malware could find out what URL to use to meet up with the server without actually including that information in the code of the malware itself.”

The group chose Spears’ page because her 17 million followers—and thousands of comments on each post—make it easy to hide its malicious code.

Sign up: Click here to subscribe to the Broadsheet, Fortune’s daily newsletter on the world’s most powerful women.

According to ESET, the security firm that spotted Turla’s posts on the pop star’s page, these particular comments were just a test for a more targeted attack. The people behind Turla are apparently keen on targeting government and embassy websites.