Hackers demand ransom from hijacked Instagram influencers

Hackers are taking over high-profile Instagram users’ accounts and holding them to ransom, it was revealed this week. At least four influencers have lost control of their accounts and received demands to send bitcoin for their return, but in some cases the attackers retained control or deleted the accounts.

Motherboard reported that Los Angeles-based fitness Instagram influencer, Kevin Kreider, lost control of his Instagram account and more than 100,000 followers after falling victim to a phishing scam. The account hijackers sent him a fraudulent email offering a sponsorship deal with French Connection that took him to a fake Instagram portal which then stole his account details.

Cassie Gallegos-Moore, who used the Instagram handle theadventurebitch, blogged about losing her account to hackers who changed the email used to access it. They temporarily blocked the account and demanded a ransom, threatening to delete the account entirely within three hours if she did not pay. Gallegos-Moore, who had 57,000 followers on her account, sent them $122 in bitcoin.

While Kreider eventually managed to regain control of his account, Gallegos-Moore was still without hers at the time of writing. Instead, she renamed a backup account to her original adventurebitch handle, but had fewer than 100 followers at last count. She lambasted Instagram for its approach to the hack.

While it isn’t clear how she lost her account, Instagram account hacking has become commonplace.

In August, the company blogged in response to reports that hundreds of accounts were being hacked. One piece of advice in that blog post may offer a clue:

“Our current two-factor authentication allows people to secure their account via text, and we’re working on additional two-factor functionality with more to share soon.”

SMS-based two-factor authentication (2FA) leaves the user vulnerable to an attack known as SIM swapping, in which hackers socially engineer cellular carrier employees into switching a cellphone’s number to a new SIM. This lets attackers receive the SMS texts used for 2FA and gain access to the account. NIST deprecated SMS texts as a form of 2FA in 2016.