To most people, this looks like the random nonsense that's standard fare for celebrity accounts. In reality, it was a hidden web address connected to malware. According to a report published this week by IT security firm ESET, the comment came from a cyber espionage group with malware known as Turla. The group has been suspected of having ties to the Russian state, and usually targets governments and diplomats.
The malware's use of the Instagram comment is complicated and involves multiple steps.
"You first have to be infected with a particular Firefox add-on," Marcus Moreno, a supervisor of threat research at cybersecurity company Webroot, told Refinery29. "Once infected with the add-on, the user will have to view the Britney Spears Instagram photo comments. There, the '#2hot' comment left by a particular user will get interpreted [by the Firefox add-on] into a bit.ly link."
Finally, that link connects back to the group's server, completing the attack. While it's concerning to see the malware hidden on Instagram, your chances of being affected by such an attack are low.
"The odds of a user using Firefox that has the malicious add-on and then visiting that photo are very slim," Moreno said. "Instagram is primarily used on mobile devices and the comment can’t be interpreted to perform the malicious act when viewing the photo and comments by a mobile device."
Still, ESET advises that you keep web browsers and plugins updated, and avoid downloading any plugins that look questionable. After all, there are Toxic forces at work.