Hackers Unsuccessful At Stealing 22,000 Employee Accounts On Instagram

Crooks recently tried to spoof the Instagram app by stealing compromised accounts belonging to 22,000 employees at Instagram.

The company announced today how it was a failed attempt which was done at an institution located in the Education Ministry. However, they failed to name which one it happened to be.

The hackers tried to target so many users on the Instagram app using tactics like phishing emails, spoofing Instagram accounts, and even notifying various recipients regarding some unusual logins through unrecognized devices.

This particular email attack had been socially engineered and had all sorts of information that was very particular to a recipient like their account handle on the app.

The idea was to install some trust regarding the email and make sure it was legitimate from the app. Remember, any form of unusual logins prompts users to go through review details while securing accounts that follow fake reports having unauthorized access. So this particular message was aimed to send alarm bells ringing and adding urgency so victims could take notice.
The hackers try to force victims to click on links that would redirect them to fake landing pages that are created to exfiltrate data for logins.

The fake landing pages were designed with the ‘This was not me’ theme and had action buttons related to that. Hence, navigating victims to the second fake landing page. In the end, it just prompts users to alter account information as some other person has their respective login details.

Phishing attacks that have the credential link attached to them such as this one are particularly designed to extract and provide credentials right to the attacker. Moreover, you’ll see victims falling for some great attacks that are exploiting common workflows.

In this particular example, the victims were told to move in the steps that they felt were protecting them from such an example.

Meanwhile, the cybersecurity firm says that this phishing email had bypassed the likes of security controls that belonged to native Microsoft email IDs. Moreover, the attackers involved utilized real domains to release fake emails.

The sender ended up getting a reputable score for their trustworthiness and hence there weren’t any discovered signs of infections that took place in the past 12 months that it was in existence.

These emails were for a staggering 22,000 mailboxes and they were intended for their delivery. But, it had been detected by Armorblox as it entailed malicious URLs.



Read next: 48% of macOS Malware Comes From Just A Single Source
Previous Post Next Post