Security reports indicate that Instagram users experience serious login issues which is probably caused by a worldwide hacking attack. The reason for this is a continued wave of apparent account takeovers of insecure accounts in a seemingly automated manner. This article gives insight on the currently known information about the incidents.
Instagram Login Issues May Be Caused by Hacking Attacks
We have just received several reports of en masse login issues affecting Instagram users worldwide. The sudden rise of the incidents give analysts the notion that this may be due to a large-scale hacking attack. Details about the exact reasons for this are not known at this moment. The first media reports were posted on Monday signaling that the probable onset of the attacks happened in the beginning of this month. There are several symptoms that can be a warning sign for a possible intrusion — The users are suddenly logged out of their accounts. Upon viewing their profiles the owners will notice that the profile bio and contact details are changed and/or deleted. To prevent email recovery they are also changing their addresses to ones with Russian (.ru) domains.
Common indications that an Instagram account has been overtaken by criminals are also the unusual long periods of not posting new images or deleting old ones without an apparent reason. In previous attacks the profile pictures have been altered to stock photo or celebrities. The practice of posting links in the profiles is especially dangerous — they are usually phishing sites or virus files.
Many of the affected users have posted on Twitter about their issues, at this moment Instagram have not posted details about the apparent problem.
We are aware that some people are having difficulty accessing their Instagram accounts. If you think you have been impacted, please follow our guidance to regain access: https://t.co/DfHpQuk9SJ
— Instagram (@instagram) August 15, 2018
One of the most effective ways to protect an Instagram account from the possible hack is to enable two-factor authentication. This will make it very difficult for the attackers to obtain access to the target accounts. At the moment the available options are the code entry of a code sent through an SMS message.
We recommend that Instagram users update their accounts to follow the best security practices:
- Use a Strong Password — A combination of at least 8 numbers and letters, as well as special characters should be used. The unique string should not be used on other services on the Internet.
- Password Rotation — Account holders should change their passwords often.
- Avoid Phishing Scams — Instagram scams are one of the most popular tactics used by computer criminals in the last few years. Users should double check any notices, emails and prompts that appear to be coming from the service.
- Third-party Authorization — Malicious third-party apps can take over the accounts, be very careful when allowing access.