Hundreds of Instagram Accounts Hacked!

It has recently got reported that hundreds of Instagram Accounts have got hacked, and users made complaints of intrusion over the last few days. Rather than being random attacks, it looks like there was a pattern, or, the attack was carried out on a large scale by the same group of people.

 How did the Instagram Account Hack affect users?

 Users found the following problems:

• Victims found themselves logged out of their Instagram accounts and then attempted to log back in they found their usernames no longer existed.
• Instagram profile pictures got affected.
• It also made alterations to user details like bio’s, phone numbers and email addresses.
• Handle names got changed.

What Happened With The Instagram Profile Picture Hack

 Users found their profile pictures had got changed to Pixar/Disney characters or any other movie stills. The Instagram Account Hack has been very mysterious, especially where hackers haven’t been adding or deleting posts (which is a common symptom from the more common social media hacks).

It has also got discovered that the new email accounts behind the hacking originated from the Russian .ru domain – so are the Russians behind this new hacking drama?

 Victims of the Instagram Account Hack

 Krista

She used her Instagram as a motivational fitness account, and she had over more than 4,500 followers. However, on Saturday evening, Krista noticed that she got logged out of her account. She then tried to log back in but later received a message saying that her username didn’t exist.

After investigating further, the fitness instructor saw that her photo, handle, telephone number and email address had all got changed when requesting a password reset, it got discovered that the new email linked to her Instagram Account got altered to a .ru email address.

Krista realized she had been a victim of the Instagram Account Hack.

 Megan

 She’s a dedicated Instagram user who had around 2000 followers. Similar to Kristi, she awoke on Monday morning to find that her account had been logged out. All her details were changed too, including the profile picture, .ru email address change, and the social media profiles that got linked to the account.

 How many users were affected by the Instagram Account Hack?

 Krista and Megan’s cases were not isolated incidents. It got reported that over 200 Instagram users had experienced the attack, which began the start of August.

 Reports from Twitter:

• There were over 5,000 tweets from 899 accounts talking about the Instagram hacks in just one week.
• Users were tweeting Instagram’s Twitter account for help.
• There were over a hundred types of anecdotal reports over the last 24 hours.

Instagram has over 1 billion users in total. The company commented that it hadn’t noticed any alarm in their level of hacks, however, doing a Twitter search contradicts that entirely. The word “hack” has been tweeted to Instagram’s official account since the beginning of August. In comparison to only 40 tweets during the July month.

Google and Reddit trends also show an increase for ‘“Instagram Account Hacked,” between the 8th and 11th of August.

 Instagram did give a statement reassuring their users:

 We provide the Instagram community with the safest and secure experiences – when we are alerted to an account got hacked, we immediately close down all access to the profile – and those affected will go through a remediation process, allowing them to reset their password and take other measures to secure their accounts tightly.

We don’t know how hackers are getting access to the accounts, or if it’s a coordinated hack. The Instagram hacking victims all have things in common with the attack – with the animated character, new .ru email addresses and deleted bios.

Most of the time, Instagram users weren’t going through a two-stage authentication process at the time of the hack, which may be where the weakness lied.  

 Did the two-factor authentication process deter the Instagram Hackers?

 Chris Woznicki

He used the two-factor system; however, it didn’t stop his account getting hacked ten days later. Chris received security emails telling him that the email address had been changed (to the .ru email address) and his 2FA had been disabled. After he saw the alerts, it was too late, and he could no longer access his account – it had 660 followers.

What’s strange about the Instagram Hackers?

 The attackers aren’t posting new photos or getting rid of old posts from their victims’ accounts, which is often the symptom when a social media profile got compromised. They instead changed all of the contact information linked to the profile, which makes it very hard for the original user to regain entry.

 What is wrong with Instagram’s security policies?

 If an Instagram user no longer has the phone number or email address connected to the account, then it’s very challenging to regain access! It’s obvious why the policy is in place, as its to ensure that no one can request a password reset.

However, it also makes account recovery virtually impossible for people who have had their details changed.

Chris Woznicki said that when he reported it, Instagram sent an automated email telling him to log in and change the password – but he wasn’t able to do that. The social media company says it has a technique in place to address these types of situations, but the majority of those affected said they found it lacking.

 The automated account recovery system disadvantages:

• Users feel like they’re going round in circles.
• It’s very time-consuming.
• None of the staff from Instagram personally address the situation.

Instagram users complained that it’s laughable with the amount of dead/broken links Instagram send and the emails written by robots, which isn’t helpful.

 Nowak

 Now works a lot with Facebook as part of her day job (a social media manager), and she took five days to access her Instagram account – despite being several attempts in contacting the Instagram site. Nowak’s profile was again found to have gotten linked with a Russian domain.

 Krista is a personal fitness influencer and says that it’s more than just a private matter – she has several sponsors on the account, so it would affect her business if she were to lose the profile altogether.

However, some Instagram users were able to go through the site’s remediation process successfully, and one person said that she got back into the account once she got contacted by Mashable – she commented that the entire process was ‘very stressful.’

It’s not a new situation; as the social media site has over 1 billion users, Instagram has now become a primary target for hackers from all corners of the globe. The site refused to disclose on how long the remediation process takes, but by going on the number of angry tweets – still indicating that more needs to do.

 Other Instagram Account Hack reports:

 “Instagram has not been helpful! I’ve sent countless emails to Instagram’s support team, and the response is always canned – we will get back to you soon. I didn’t ever hear back, even after sending messages to all of the top executives at Instagram – no response!” – Cynthia Corzo, another Instagram hacking victim. “I sent PM’s through Facebook to the top executives, and there was no response.”

The ex-customer was very disappointed with Instagram’s manner, so she uninstalled the app – “I’m not sure if I’ll ever go back.” she pointed out.

 What is Instagram doing about the hacks?

 The firm has said it’s now investigating all of the claims, despite the fact they denied the increase in hacking reports. It’s advised to use the two-factor authentication when setting up an Instagram account, however, do note that it did fail to protect at least one person.

 How to recover Instagram Account

 Have you been affected by these issues? Then this is a short guide on how to recover your Instagram account.

• Report the incident on Instagram.
• The team should get back to you for additional information, to check your the real owner of the profile – you’ll need to send a face photo while holding up a custom code, provide a username and own full name.
• Once Instagram gets back to you, they’ll provide you with a code that is necessary to regain your account.
• When you receive this, you’ll be able to gain access to your Instagram!
• If not already, get the two-point authentication and change all of your security details.

 Tips on what to do if you get Instagram hacked 

• Change all of your passwords and emails on all other social media apps, in case the hacker gains access to them too.
• Remain calm! It’s not very easy in this scenario, especially with the frustration of the app’s algorithm and visibility – giving you no faith in recovering your account at all (even more so if you’ve spent 4 – 5 years growing your Instagram community and building a personal photo diary).
• Always enable the two-factor authentication for better account security.
• Be very patient but persistent when dealing with Instagram – it took one user four contact attempts via the log-in form, and they didn’t reply until a further 24 hours.
• Always spread the word on other social media platforms, as its surprising the number of people out there who can provide expert tips and advise to help you get back on track.
• Create a backup blank Instagram account, so you can save your previous username, in case the hacker changes it.

 What do we know about the Instagram Account Hackers?

 There’s still wide speculation on who was behind the Instagram Account Hacks, however, seeing as the emails change to a well-known Russian host – the majority are convinced that its the work from Russian cybercriminals, under the order of the Russian President, Putin.

The Russian’s haven’t just been meddling with Instagram, but also Facebook, Google, and Twitter. It happened ahead of the 2016 US election, and that over 3000 advertisements between June 2015 and May 2017 all had Russian links.

They also got accused of spreading ‘fake news,’ and the company producing the content were a Russian firm called the Internet Research Agency. CNN pointed out that the Russian Facebook Ads targeted citizens living in Wisconsin and Michigan – both won by a margin for Trump.

Facebook also reported to the Congress that the political meddling included the use of image-sharing through Instagram. Colin Stretch (Facebook’s general counsel) said that over 20 million Americans saw the suspect posts last year.

 Mark Zuckerburg’s Statement on Russian hacking

 “I’m distraught that the Russian’s attempted to use our resources to create division in politics. What they did is, and we aren’t going to stand for it.”

Zuckerburg made that statement only hours after Facebook’s top lawyer was grilled at a Washington congress hearing at the end of last year.

“The community is continuing to grow, and overall the business is doing well. However, if our services aren’t bringing people together – protecting all of our users is our priority.” Mark Zuckerburg concluded.

Instagram’s data is estimated to have exposed over 126 million Americans to Facebook posts from Russian hackers.

 The bottom line

 Although statistically, we are talking about hundreds of users out of the billion using the app, it’s still a very low probability that you get targeted. However, it’s thoroughly recommended to follow all the recommended security protocol, when setting up your Instagram account.

Having a backup account, as mentioned earlier, will also make a huge difference in being able to locate your profile, if you’re in the circumstance of needing to find your account through the hacker changing the username.

Also, there’s also the obvious, like making sure your password is secure and using a combination of small case, upper case, numbers, and symbols. Write your password in a diary or on paper and keep it safe.

Overall, by following all of the advised techniques, then like every other public internet account, you should find that you have a secure use of the service.