• Follow us

Technology

Instagram Targets Account Hijacking | Social Networking

By John P. Mello Jr. Jun 18, 2019 10:42 AM PT

Account hijacking has become a nettlesome problem at Instagram so it has decided to do something about it. The social media company on Monday said it has begun testing a simpler method for users to reclaim their compromised accounts.

The move, first reported by Motherboard, allows users locked out of their hacked accounts to ask for a six-digit code to be sent to the email address or phone number originally used to open the account.

The company also has taken steps to address the issue of user name theft. After hijacking an account and changing its settings to lock out its owner, some hackers will try to sell its name. Short, unique user names can sell online for US$500 to $5,000, according to Motherboard.

To curb that practice, Instagram will bar the transfer of a user name for an unspecified time after changes are made to an account.

It's not known when the six-digit reset feature will be available throughout Instagram, but the lockdown addition already is available to Android and iOS users.

Turning Accounts Into Cash

Selling user names isn't the only way criminals can turn hijacked Instagram accounts into cash. They can monetize the credentials for the account by selling them to other hackers, for example, noted Rick McElroy, head of security strategy at Carbon Black, an endpoint security company in Waltham. Massachusetts.

"They can also extort the owner into paying to release the account," he told TechNewsWorld. In addition, "they can blackmail the affected person based on material found in the account, and phish other people connected to the account."

Attacks on Instagram accounts aren't always launched by strangers, either.

"Targeted attacks are also common against people the attacker knows," said Jonathan Tanner, senior security researcher at Barracuda Networks, a security and storage solutions company based in Campbell, California.

"In those cases the motivation may be information, 'is my girlfriend or boyfriend cheating on me?' or revenge, 'my girlfriend or boyfriend cheated on me so I'm going to hijack their account and embarrass them,'" he told TechNewsWorld.

Political motives also spur some account hijacking, especially with influencers in countries where freedom of speech is not respected, observed Mounir Hahad, head of the threat lab for Juniper Networks, a network security and performance company based in Sunnyvale, California.

"Accounts can be taken over, sometimes illegally by force, to sway the message just enough to change the narrative about an upcoming election or a public protest," he told TechNewsWorld.

"Much of this problem stems from the implicit trust we place on posts coming from the people we follow," said John Shier, senior security advisor at Sophos, a network security and threat management company based in the UK.

"You shouldn't trust everything you see on social media," he told TechNewsWorld.

Hijackers Undeterred

Although Instagram's action makes it easier to recover a compromised account, its impact on hijacking remains to be seen.

"These measures only make it somewhat less stressful to recover a hijacked account and will not do much to curb the hijacking attempts," maintained Juniper's Hahad.

"If the attacker is sophisticated enough and has compromised an original email address used to create the Instagram account, then it may still be difficult to regain control of the account, even with the new measures in place," he pointed out.

Some criminals may be dissuaded from hijacking Instagram accounts, but the practice will continue, noted Sophos' Shier.

"Criminals don't need much time to benefit from an account hijack. If their purpose is simply to spread malicious or fraudulent links, the compromise of a prominent celebrity's account is all it would take," he explained. "Thousands of followers would likely see the link and click on it before the compromise was noticed."

Instagram's account recovery solution is just a short-term fix -- stronger solutions are needed to address future attacks, according to Will LaSala, director of security solutions at OneSpan, an authentication and fraud analysis company in Chicago.

"Stronger solutions force the application to properly identify the risk associated with the request and then to enforce stronger methods of authentication when a high risk is detected," he told TechNewsWorld.

"This type of intelligent authentication can help users by ensuring only the strongest authentication methods are used by the user and only when the user needs them the most," he said.

Rampant Problem

Account hijacking has been going on for more than a decade, said Byron Rashed, vice president of marketing at Centripetal Networks, a network security company in Herndon, Virginia.

"At first, it was a challenge by script kiddies, but then it became a business when threat actors discovered how valuable these accounts can be," he told TechNewsWorld. "Many accounts can have valuable personal identifying information that can be sold and traded in the underground economy to fully monetize the exfiltrated accounts."

Account hijacking is widespread online, noted Carbon Black's McElroy.

"It will continue to be a growing area of concern for highly visible individuals. Criminals either want money to release the accounts or blackmail the user about pictures and other sensitive content found in cloud storage," he added.

"Account hijacking ... across all sites is quite rampant," added Barracuda's Tanner.

Hijacking is fueled by the massive amount of information stolen in data breaches, he noted. There are tools hackers can use that incorporate breach data to facilitate their hijacking activities.

Those products make a configuration file for a site that specifies how the login process works, what list of email and password combinations to try, and includes a list of proxy IPs to use so that IP-based protections won't be as effective.

Password theft is framed as a consumer problem, but it can have a significant impact on a business, too, maintained Rami Essaid, cofounder of Distil Networks, a website security firm in Arlington, Virginia.

"Password dumps create a ripple effect as organizations spend precious time and resources on damage control," he told TechNewsWorld.

"There's a massive spike in failed logins, then the access into someone else's account before the hacker changes the password, then the account lockout for the real user, then the customer service calls to regain access to their account," Essaid said, "all because a username and password was stolen from a different website."

John P. Mello Jr. has been an ECT News Network reporter since 2003. His areas of focus include cybersecurity, IT issues, privacy, e-commerce, social media, artificial intelligence, big data and consumer electronics. He has written and edited for numerous publications, including the Boston Business Journal, the Boston Phoenix, Megapixel.Net and Government Security News. Email John.

Read More



Leave A Comment

More News

TechNewsWorld

Clean Energy Solutions to Lower Your Electric Bill 2019-07-01 14:47:21Utility bills can get astronomical in the summer and winter. You can reduce those costs and your carbon footprint by signing up for Arcadia Power. Acc

The Democratic Debate That Wasn't: How Tech Could 2019-07-01 08:43:36I watched the Democratic debates last week and was struck by three things: I'd likely rather watch paint dry; the application of technology to improv

NSA Admits Improper Collection of Phone Data, 2nd 2019-06-27 05:39:54The ACLU has released documents showing the NSA improperly collected Americans' call and text logs in November 2017 and in February and October 2018.

Chinese Hackers Linked to Global Attacks on Telcos 2019-06-26 13:04:05Chinese hackers likely are responsible for a series of cyberattacks against telecommunications companies around the world, security researchers have r

Next-Gen Raspberry Pi 4 Packs Power Plus Potential 2019-06-25 13:59:05The next big Raspberry Pi thing is now here, with lots more computing power and more options. The Raspberry Pi Foundation has announced the availabili

Proposed Law Would Force Big Tech to Reveal 2019-06-25 06:15:22A Democrat and a Republican have filed a U.S. Senate bill to require companies to report to financial regulators and to the public what consumer data

6 Things We Won't Be Able to Live 2019-06-24 14:53:38Things rarely happen as fast as we think or progress as slowly as we hope. We all thought we'd have flying cars by the end of last century, for insta

Uber Drones to Make Meal Drops This Summer 2019-06-21 05:57:31Uber Elevate, the aerial arm of rideshare service Uber, will test a fast food delivery by drone service later this summer in San Diego. Delivery dest

Firefox Users Warned to Patch Critical Flaw 2019-06-20 06:23:16Firefox users should update their browsers immediately to fix a critical zero-day vulnerability. Anyone using Firefox on a Windows, macOS or Linux des

In Zuck We Trust: Facebook to Launch Own 2019-06-19 13:37:13Facebook's plans to mint its own digital coin will test the company's consumer credibility. After being savaged for months for its cavalier attitude

Instagram Targets Account Hijacking 2019-06-18 13:42:04Account hijacking has become a nettlesome problem at Instagram so it has decided to do something about it. The social media company has begun testing

Improving Digital Literacy in the Workplace 2019-06-17 18:50:57It's anticipated that in the next five years 90 percent of the workforce will require at least basic computer skills, such as using email or company

PCWorld

Nvidia's GeForce RTX 'Super' cards aim to one-up 2019-07-02 09:00:00Nvidia promised something Super is coming well over a month ago, and on Tuesday, the wait paid off. The graphics company unveiled not one, not two, bu

Nvidia GeForce RTX 2060 Super and RTX 2070 2019-07-02 09:00:00Nvidia promised something Super is coming well over a month ago, and on Tuesday, it finally delivered. Spoiler alert: The wait was worth it.The $399 G

Best robot vacuums: We name the most effective 2019-07-02 06:00:00Vacuuming is one of the most hated household chores. Here are your best choices for outsourcing it to some automated help.

Ecovacs Deebot 500 review: This budget-priced household helper 2019-07-02 06:00:00With app control plus Amazon Alexa and Google Assistant support, this robot vacuum packs a punch for the price.

The five devices you need to work anytime 2019-07-01 23:00:00The modern workplace is more flexible than ever before. This is mainly thanks to high-speed internet connections and the huge advancements in mobile t

Four reasons to buy an Always-Connected PC 2019-07-01 23:00:00 Laptops have always been a perfect blend of portability and power, making them the ideal solution for working whether you’re at home, in the of

Microsoft's fall release of Windows 10 will be 2019-07-01 18:25:00If you’ve been wondering what Microsoft’s next feature release of Windows 10—19H2—has in store, the answer is: not much.Micros

Tobii lands former Intel PC chip VP to 2019-07-01 17:51:00Eye-tracking tech provider Tobii said Monday that it has named Anand Srivatsa, the former vice president of Intel’s Client Computing Group, as T

Best power banks of 2019: The top USB 2019-07-01 13:24:00Anyone who uses a smartphone knows the importance of carrying a backup power bank. But given the large number of options on Amazon, you might feel ove

Best cheap laptops: We rate the best-sellers on 2019-07-01 10:05:00When you’re looking for a good, cheap laptop, knowledge is power. Every budget machine (which we’re defining as Windows laptops costing $5

OmniCharge Omni 20+ Power Bank review: A one-stop 2019-07-01 06:30:00The OmniCharge Omni 20+ is a successful follow up to the Omni 20, simply because OmniCharge no longer has different models of the same charger with di

Bose Home Speaker 300 review: A versatile smart 2019-07-01 06:00:00The newest (and smallest) addition to Bose’s smart speaker line sounds sweet, speaks both Amazon Alexa and Google Assistant, and encourages the

FOX News

Germany fines Facebook $2.3 million for violating hate 2019-07-02 12:56:36Germany hit Facebook with a fine for a lack of transparency in how it handles and reports hate speech complaints.

Facebook buildings evacuated after mail tests positive for 2019-07-01 16:47:27Four buildings that receive and mail for social media giant Facebook were evacuated Monday after a bag of mail tested positive for the nerve

Soldiers use AI to fire precision grenades, guide 2019-07-01 15:50:32The Pentagon’s research and technology arm is testing a “breakthrough” AI-enabled technology for dismounted mobile combat units that

Tiny robots are ‘dominating space’ 2019-07-01 15:30:19China calls them scavengers, Russia calls them inspectors and the US calls them threats.

Civil rights activists slam Facebook's 'insufficient' attempts to 2019-07-01 12:48:20Facebook's latest update on its ongoing companywide civil rights audit has been criticized by activists who say that the social network needs to do m

Facebook cryptocurrency, life-saving smartphones and more: Tech Q&A 2019-06-30 07:00:55Please help me solve a debate. I say my smart TV can get bit by malware and viruses. My buddy says I am a dope. Who’s right? A six-pack is ridin

4 chilling lessons from a tech hotline scam 2019-06-29 07:00:32Some people think they’re immune to cybercriminals. “I’m not even on their radar,” they think. “What are the chances tha

Seedy app that 'undressed' women sparks backlash, taken 2019-06-28 15:36:41A seedy app that used a type of artificial intelligence to “undress” images of clothed women has been taken offline by its developers.

Apple moves production of $6G Mac Pro to 2019-06-28 09:50:19Apple is manufacturing its new Mac Pro computer in China, according to people familiar with its plans, shifting abroad production of what had bee

Google Maps can now tell you how bad 2019-06-28 09:35:00Three weeks after Google announced Google Maps updates to help you stay safe in the event of a natural disaster, the company detailed a solution for a

Apple wants to make Oscar-worthy movies to beef 2019-06-17 12:50:56Apple has Oscar envy.

Google wants next billion users, but has no 2019-06-17 11:09:24Google CEO Sundar Pichai said his company doesn't have plans to launch in China, but that doesn't mean the tech giant wants to ignore its hundreds o

TechCrunch

Superhuman removes email location logging, will turn read 2019-07-03 18:40:41Superhuman, the buzzy and currently invite-only email startup that you might have come across even if you yourself don’t have access if you&rsqu

Pod Foods gets VC backing to reinvent grocery 2019-07-03 17:51:22How a failed cookie startup paved the way for next-gen logistics and distribution software.

Lotus’ first electric hypercar finally has a name 2019-07-03 17:48:48The Goodwood Festival of Speed is shaping up to be a big moment for Lotus. The company is finally taking “some” of the wraps off of its fi

Earios is a new podcast network for women 2019-07-03 17:30:59It might seem like you’ve now got podcasts covering any and every conceivable topic, but comedy writer and actor Maria Blascucci argued that the

With Super Mario Maker 2, Nintendo both unleashes 2019-07-03 17:01:03Nintendo's Mario Maker series is among the most generous gifts the company could have given to its fans, and the new installment on Switch is better

Bird investor Upfront Ventures eyes $250M growth fund 2019-07-03 16:03:05The LA-based VC closed on $400 million for its latest early-stage fund in 2017.

Appeals court rules Amazon can be held liable 2019-07-03 15:57:41In a blow to Amazon, a U.S. appeals court ruled that the mega-retailer can be held accountable for faulty third-party sales. The ruling arrived this w

We still don’t know how much of Libra 2019-07-03 15:29:54The $10 million entry fee to join the Facebook-developed cryptocurrency’s Libra Association is merely a minimum. Members who’ll verify tra

GPS on the Moon? NASA’s working on it 2019-07-03 15:23:06If you're driving your car from Portland to Merced, you probably rely on GPS to see where you are. But what if you're driving your Moon rover from O

Pax Labs CEO Bharat Vasan and serial founder 2019-07-03 15:12:30The legalization of cannabis and hemp for medicinal and recreational use in states across the U.S. and in Canada has opened up a huge vein of green, g

Bored before the holiday? Go play the game 2019-07-03 15:11:44The concept of a Google Doodle — the little widget that sometimes replaces the Google logo on the company’s main search page — has g

Daily Crunch: FaceTime gets an eye contact upgrade 2019-07-03 14:09:24The Daily Crunch is TechCrunch’s roundup of our biggest and most important stories. If you’d like to get this delivered to your inbox ever

Electrek

Jeda launches new Tesla Model 3 USB hub 2019-07-03 18:25:57 Tesla is starting to have a lot of different features utilizing the USB ports in its center console, like Sentry Mode and phone charging, and it can

Podcast: Tesla’s incredible delivery numbers, TSLA departures, Model 2019-07-03 15:47:02 This week on a special holiday weekend Wednesday Electrek Podcast, we discuss the most popular news in the world of sustainable transport and energy,

Tesla is going to allow solar roof and 2019-07-03 14:38:31 Tesla is going to enable homeowners with Tesla solar roof tiles and solar panels to access and dive deep into their own power generation data. more&h

Milwaukee’s Electric String Trimmer is $199 (33% off), 2019-07-03 13:31:00 Today only, Home Depot offers the Milwaukee M18 FUEL 18V Cordless Electric String Trimmer for $199. That’s a $100 savings from the regular

Tesla Pickup truck overtakes Ford F150 as most 2019-07-03 12:59:19 Tesla is good at creating hype without advertising and the Tesla Pickup truck is no exception as it overtakes the Ford F150 as the most talked about

Recent Rivian hires come from Tesla, McLaren, Ford 2019-07-03 12:42:04 Rivian has grown to employ 750 people, with a new report detailing the startup’s recent hires from Tesla, Ford, and McLaren — but most no

Waymo gains approval for transporting passengers in self-driving 2019-07-03 10:51:54 As Waymo continues its push for a driverless future, the Alphabet company is trying to expand to more regions. This week, the state of California has

How climate change deniers inserted themselves into the 2019-07-03 10:35:13 In the ongoing saga of the Trump administration’s efforts to roll back fuel economy standards, it’s been known that automakers sought to

EGEB: A Michigan ‘smart energy district,’ coal country 2019-07-03 09:02:40 In today’s EGEB: Jackson, Michigan is creating a “smart energy district” for energy innovation and testing. Sky-high energy bills i

VW unveils beautiful Type 2 electric conversion microbus 2019-07-03 08:58:59 Volkswagen (VW) has unveiled an electric conversion concept for its iconic Type 2 microbus to celebrate 20 years at its Electronics Research Laborato

Brose unveils all new whisper-quiet electric bicycle drive 2019-07-03 08:31:11 Brose just unveiled its newest electric bicycle drive system. While the company is best known for its ultra quiet mid-drive motor systems, Brose has

Tesla Model 3 aces crash test, sets ‘new 2019-07-03 04:00:43 The European New Car Assessment Programme (Euro NCAP) has released safety and crash test results for new vehicles, including the Tesla Model 3, which


Disclaimer and Notice:WorldProNews.com is not responsible of these news or any information published on this website.