October 5, 2018

Instagram Influencers Targeted in Ransomware Campaign

The company does not have two-factor authentication set by default

By CBR Staff Writer

High-profile accounts on Instagram are being targeted by phishing and ransomware attacks, with evidence that many are paying the attackers.

Hackers are gaining access to accounts via phishing scams. Posing as personal representatives from well-known branding companies, they contact victims with a proposal to start a partnership, Motherboard reports.

The scammer sends the victim a link that purports to lead to the scammer's own Instagram page. However, the link leads to a fraudulent Instagram login portal. Once it is clicked, the victim is asked to re-enter their login details, which are then captured by the attacker.

The well-documented attacks have not been commented on yet by Instagram.

Instagram Ransoms

The attacker then sends a message to the victim stating that their account is held captive and that they now have three hours to pay a ransom in bitcoins or the account will be deleted permanently.

At this stage the victim panics. They are looking at not just their account being held hostage, but all of the followers they have cultivated and built up over time; these are the real hostages. A new account can be created, but it is the followers that are hard to replicate.

Fearing the worst, many of the victims pay small sums amounting to a couple of hundred pounds to rescue their accounts.

However, an investigation by Motherboard found that the attackers took the money and deleted the accounts anyway.

Fitness-focused Instagrammer Kevin Kreider fell victim to this scam and paid attackers a small sum to retrieve his account. Unfortunately they did not release it, and for a while it appeared to be removed from the platform.

Mr Kreider had his account returned, but it is still unclear whether this was due to an intervention by Instagram or the attacker keeping up their end of the deal.

Avast Security expert Luis Corrons commented in a blog post: “These attacks can easily be avoided by enabling two-factor authentication. I believe that well-established social media companies should in fact enable 2FA by default; this alone would decrease the number of hacked accounts to almost zero.”

Instagram does have two-factor authentication, but it is not set as default and users have to manually establish the security measure themselves.

As Instagram notes: “There are several two-factor authentication methods you can use with your Instagram account. To get started with two-factor authentication, choose either: Text message (SMS) codes from your mobile phone. Login codes from a third party authentication app (such as Duo Mobile or Google Authenticator).”
