UPDATED 21:43 EDT / AUGUST 14 2018

APPS

Russians are apparently hacking Instagram accounts, but no one knows why

Russians are apparently behind a strange hacking campaign that is taking over Instagram accounts, according to a report Monday from Mashable.

While no hard figures are given, at least several hundred users are reporting that they’ve found their Instagram accounts hacked and taken over.

“On Twitter, there have been more than 100 of these types of anecdotal reports in the last 24 hours alone,” the Mashable report noted. “According to data from analytics platform Talkwalker, there have been more than 5,000 tweets from 899 accounts mentioning Instagram hacks just in the last seven days. Many of these users have been desperately tweeting at Instagram’s Twitter account for help.”

The hacks all share a common story. Instagram users attempt to open the app to discover they’re logged out and when they try to log back in, they’re told that their username no longer exists. The accounts have the username, password and email address associated with the account changed, meaning that password recovery is impossible.

What’s missing from the story is the why, because it’s unknown why Russian hackers would want to hack Instagram accounts to begin with.

“We work hard to provide the Instagram community with a safe and secure experience,” Instagram said in a statement. “When we become aware of an account that has been compromised, we shut off access to the account and the people who’ve been affected are put through a remediation process so they can reset their password and take other necessary steps to secure their accounts.”

Travis Smith, principal security researcher at Tripwire Inc., told SiliconANGLE that although some of the users reporting issues didn’t have two-factor authentication enabled, it remains one of the most effective security methods.

“By having a unique code sent to your phone or leveraging a constantly changing pin code via an app, you can ensure that a hacker with your password will have difficulty getting into your account,” Smith said. But he noted that two-factor authentication is still a technical control implemented by humans.

“There may be other ways to bypass two-factor authentication outside of typical login methods,” he said. “Having strong and unique passwords for each account will minimize the chance that an attacker will reuse passwords from other breaches on accounts you’ve protected more heavily in the form of two-factor authentication.”

Photo: Kremlin/Wikimedia Commons

Since you’re here …

… We’d like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.’s business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we don’t have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.The journalism, reporting and commentary on SiliconANGLE — along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams at theCUBE — take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.

If you like the reporting, video interviews and other ad-free content here, please take a moment to check out a sample of the video content supported by our sponsors, tweet your support, and keep coming back to SiliconANGLE.

Cookies

We employ the use of cookies. Find out more.