Many companies and influencers are reportedly losing their Instagram accounts with millions of followers to hackers who are demanding ransom. According to cybersecurity company Secureworks, the vice became more prominent in 2021.
The perpetrators begin by sending a message purporting to be from Instagram, informing their target of a suspected copyright infringement. The message contains a link that directs recipients to a hacker-controlled website. The victim is then prompted to input their Instagram login credentials, allowing the attackers complete control over their accounts.
“After gaining control of the Instagram account, the threat actors change the password and username. The modified username is a variation of ‘pharabenfarway’ followed by a number that appears to be the number of followers for the hijacked account,” Secureworks explained.
Profiles of hacked accounts bear a message saying “this account is held to be sold back to its owner” with a WhatsApp number attached as a link. Clicking the whatsapp number launches a chat with the perpetrators who then demand for ransom in exchange for access to the account. In other instances, the hackers contact the pages’ owners using the phone numbers listed on the accounts.
According to Secureworks, the hackers launched the campaign in 2021 and have been selling accounts for as much as $40,000 (Sh4 million) The phone numbers listed on the hacked accounts indicate that they could be based in Russia and Turkey.
According to Secureworks, repeated passwords may give hackers access to email accounts or other corporate resources leading to more losses.
Last year, several Kenyan companies including KAA and Jambojet lost their accounts. Influencers Nick Odhiambo and Nameless were also victims to hackers.