The popular photo and video sharing social networking service Instagram has reportedly been hit with a hack attack that has left hundreds of users locked out of their accounts.
Instagram users took to Twitter and Reddit to complain the lock-out involved their email addresses being changed to a ‘.ru’ domain and their account names, profile pictures and passwords were changed. Some said their profile photos were substituted with stills from films such as Despicable Me 3 and Pirates of the Caribbean.
At present it is unknown who is behind the attack, although the finger of accusation has been pointed at Russia. Particularly with the domain ‘.ru’ indicating Russian origin. But then again, it may be hackers pretending to be Russian, something that has been seen before.
The hack was discovered by digital media website Mashable who informed Instagram immediately. In response, Instagram said they were investigating the hack and ‘had a dedicated team helping people to secure their accounts.’
Instagram advised its users to keep their password secure containing a minimum combination of six numbers and letters. They also recommend users should enable two-factor authentication (2FA) and delete any suspicious apps that might have access to their accounts.
But Mashable reported that the hack had even affected those that had enabled their 2FA. Instagram relies on text messages for 2FA, which is widely believed to be less secure than other forms of 2FA. The company said that it was working hard on rectifying their settings.
Just last year hackers targeted A-list celebrities’ Instagram accounts after they had accessed millions of user accounts. At the time cybercriminals created a website where the stolen details could be bought for less than £10.
While hundreds affected is a drop in the ocean compared to the 500 million daily Instagram active users this latest hack is deeply troubling because they were able to gain access to accounts that are supposedly technically secure.
Instagram has recommended that users visit the Instagram Help Centre which is dedicated to preventing and dealing with hack attacks such as this. The centre will also have security tips and steps so that those affected can restore control over their accounts.
Back in 2012 Facebook bought Instagram for a billion dollars just two years after its inception. At the time the acquisition was considered somewhat controversial as Instagram had only 30 million users and zero sales. Time, however has proven it to have been an astute purchase as last year sales from ad revenue topped $2.81 billion, now representing 10% of Facebook’s global sales.
Image: Binar Schwarz Cyber