Hundreds of Instagram accounts were hijacked in a coordinated attack

Hundreds of Instagram accounts were hijacked in what appears to be the result of a coordinated attack; all the accounts share common signs of compromise.

Alleged attackers have hijacked Instagram accounts and modified personal information, making it impossible to restore the accounts.

The number of hacked Instagram accounts has increased since the beginning of August. All the victims were logged out of their accounts, their personal and contact information was deleted, and their personal email address was changed.

The attackers replaced victims’ email addresses with ones associated with a Russian domain (.ru).

The media outlet Mashable first reported the spike in account takeovers.

“Like half a dozen other hacking victims who spoke with Mashable, her profile photo had been changed, as had all the contact information linked to the account, which was now linked to an email with a .ru Russian domain.” reported Mashable.

“Megan and Krista’s experiences are not isolated cases. They are two of hundreds of Instagram users who have reported similar attacks since the beginning of the month.”

More than 5,000 tweets from 899 accounts mentioned Instagram hacks in the last seven days; many users have been desperately tweeting at Instagram’s Twitter account requesting support.

Numerous hacks were reported on Reddit, and Mashable reported that Google Trends shows a spike in searches for “Instagram hacked” on Aug. 8, and again on Aug. 11.

Hacked Instagram accounts have had their profile photos replaced with Disney- or Pixar-themed film images.

“A number of Instagram users have taken to social media to report a mysterious hack in which their profile photos are replaced by random stills from films.” reported the BBC.

It’s not clear how the hackers compromised the Instagram accounts; in some cases, the owners of the accounts explained that they were using two-factor authentication (2FA).

“The extra security measure didn’t protect Chris Woznicki, who was using two-factor authentication at the time his account was hacked 10 days ago. Woznicki says Instagram sent him security emails notifying him the email address on his account had been changed (once again, to a .ru address) and 2FA had been disabled. But by the time he saw the messages, it was too late and he had already lost access to his account, which had 660 followers. Others have reported similar occurrences.” continues Mashable.

Instagram confirmed it is aware of the problems that some users are facing; below is an excerpt from an Instagram security advisory:

“We are aware that some people are having difficulty accessing their Instagram accounts. As we investigate this issue, we wanted to share the below guidance to help keep your account secure:

  • If you received an email from us notifying you of a change in your email address, and you did not initiate this change – please click the link marked ‘revert this change’ in the email, and then change your password.
  • We advise you pick a strong password. Use a combination of at least six numbers, letters and punctuation marks (like ! and &). It should be different from other passwords you use elsewhere on the internet.
  • You can also use the steps outlined on this page to restore your account. Please use a new, secure email address to restore your account.
  • Finally, revoke access to any suspicious third-party apps and turn on two-factor authentication for additional security. Our current two-factor authentication allows people to secure their account via text, and we’re working on additional two-factor functionality with more to share soon.”

It isn’t the first time that Instagram has faced this kind of problem: in September 2017, data on 6 million celebrity and high-profile Instagram accounts was offered for sale on the DoxaGram website.

For more information, users can visit the Instagram Help Centre that includes instructions to restore a compromised account.

Pierluigi Paganini

(Security Affairs – Instagram accounts, hacking)
