Instagram has been hit by a widespread hacking campaign that seems to have affected hundreds of users so they can not restore their accounts.
As reported by Mashable, increasing numbers of Instagram users find themselves excluded accounts.
Login attempt appears to be unsuccessful, and when password reset and recovery email addresses are requested, many users report that the email addresses associated with their accounts have been changed to .ru domains.
Although it is unknown who is behind compromise, the use of .ru email addresses may indicate that the source is from Russia ̵
User names, profile pictures, passwords, email addresses and connected Facebook accounts are changed, according to victims. A connection between the compromised accounts is the use of Disney or Pixar characters when new profile images are uploaded.
According to the publication, hundreds of users of the image sharing platform have reported account setting issues. At the time of writing, users are still targeted and tweeting directly to Instagram in desperation to get their accounts back.
TechRepublic: Instagram IGTV: 3 Ways Businesses Can Use The New Service
It is unknown how many victims implemented two-factor authentication (2FA) in their accounts. Since email addresses have been changed, along with other contact information, users involved in hack likely will have a hard time restoring their accounts.
Users on Twitter have found The recovery process for Instagram accounts should be frustrating. Some victims say that, despite going through all the necessary steps, the platform has not yet helped, and the automated systems Instagram uses for account recovery has not proven to be effective.
An Instagram user commented Twitter that they had waited five days and another said it took two and a half weeks for Instagram to return their account.
Your account may have been compromised due to a lack of 2FA, salmon password security or a successful phishing campaign.
CNET: It's time to take a long look at our Instagram label
"We're working hard to give the Instagram community a safe and secure experience," said an instagram -talsmann. "When we become aware of an account that has been compromised, we discontinue access to the account, and those who have been hit are executed a legal process so that they can reset their password and take other necessary steps to secure their accounts. "
When social media accounts target cyber attackers, they are often sent to contacts that contain malicious links and scripts to propagate, and fraudulent content or spam is often posted on timelines.
It does not appear that it is the case with the Instagram event because there have been reports that user content is being deleted or new images are being published.
See also: Apple macOS vulnerability paves the way for the single-click system compromise
As a result, Paul Bischoff, the proprietor of privacy at Comparitech.com believes that the widespread hacking can be due to a botnet. Speaking to Threat Post, Bischoff speculated that the accounts could be meant for a spam slave army.
"Although some victims regain control over their accounts, many of those affected have probably stopped leaving the platform or just do not want to go through trouble adding troops to the spambot army," Bischoff added.