UPDATED 21:43 EDT / AUGUST 14 2018

APPS

Russians are apparently hacking Instagram accounts, but no one knows why

Russians are apparently behind a strange hacking campaign that is taking over Instagram accounts, according to a report Monday from Mashable.

While no hard figures are given, at least several hundred users are reporting that they’ve found their Instagram accounts hacked and taken over.

“On Twitter, there have been more than 100 of these types of anecdotal reports in the last 24 hours alone,” the Mashable report noted. “According to data from analytics platform Talkwalker, there have been more than 5,000 tweets from 899 accounts mentioning Instagram hacks just in the last seven days. Many of these users have been desperately tweeting at Instagram’s Twitter account for help.”

The hacks all share a common story. Instagram users attempt to open the app to discover they’re logged out and when they try to log back in, they’re told that their username no longer exists. The accounts have the username, password and email address associated with the account changed, meaning that password recovery is impossible.

What’s missing from the story is the why, because it’s unknown why Russian hackers would want to hack Instagram accounts to begin with.

“We work hard to provide the Instagram community with a safe and secure experience,” Instagram said in a statement. “When we become aware of an account that has been compromised, we shut off access to the account and the people who’ve been affected are put through a remediation process so they can reset their password and take other necessary steps to secure their accounts.”

Travis Smith, principal security researcher at Tripwire Inc., told SiliconANGLE that although some of the users reporting issues didn’t have two-factor authentication enabled, it remains one of the most effective security methods.

“By having a unique code sent to your phone or leveraging a constantly changing pin code via an app, you can ensure that a hacker with your password will have difficulty getting into your account,” Smith said. But he noted that two-factor authentication is still a technical control implemented by humans.

“There may be other ways to bypass two-factor authentication outside of typical login methods,” he said. “Having strong and unique passwords for each account will minimize the chance that an attacker will reuse passwords from other breaches on accounts you’ve protected more heavily in the form of two-factor authentication.”

Photo: Kremlin/Wikimedia Commons

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU