HackDig : Dig high-quality web security articles for hacker

Trend of Hacked Instagram Accounts Promoting Adult Links Gets Worse and Worse

2016-08-11 00:55

The trend of Instagram profiles promoting adult content has taken a turn for the worse, with hackers actively compromising already existing accounts instead of creating new profiles from scratch.

Just like any other popular social network like Facebook and Twitter, Instagram is also plagued by bots promoting adult material.

This trend had become a serious problem at the start of 2016 when Symantec noticed an increase in the number of fake profiles promoting pornographic content.

From creating new accounts to taking over existing profiles

Because since January crooks dumped the personal details of over 800 million users via data breaches from services such as LinkedIn, MySpace, Tumblr, VK, and Yahoo, the people behind this Instagram pr0n spam have adapted their tactics.

Leveraging some people's tendency to reuse passwords, crooks took the data from those publicly disclosed breaches and used it to test and hack into existing Instagram accounts.

Where they got access, the hackers changed the user's name, bio, avatar, and profile link, while also uploading sexually explicit images.

In most cases, Symantec says the profile link and the links added with the hacker's uploaded nude images redirect users to online dating sites where users are asked to fill in surveys and register on the sites. All of these links contained affiliate IDs, which help the crooks earn money on the backs of users following these URLs.

Mysteriously, in some cases, the adult links only work on mobile devices

In some cases, Symantec says that these links only showed adult content only when accessed via a mobile device. When accessed via a desktop or laptop, they would redirect users to some random Facebook profile.

Symantec says that for all of the hacked accounts, the attackers had changed the original account password, resulting in some users losing access to their account, giving up their profile, and creating a new one, leaving the original under the hacker's control.

At the start of the year, Instagram announced support for two-factor authentication, a feature it's still testing and which could thwart most of these account hijacking incidents.

Besides Instagram, Symantec detected a similar wave of hacked Twitter accounts, spammed with adult content, also leading users to affiliate adult-themed websites.

The type of sites to which the spammy links redirect users
The type of sites to which the spammy links redirect users

Source: a-esrow-steg-sknil-tluda-gnitomorp-stnuocca-margatsni-dekcah-fo-dnert/swen/moc.aideptfos.swen

Read:1857 | Comments:0 | Tags:Advisories

“Trend of Hacked Instagram Accounts Promoting Adult Links Gets Worse and Worse”0 Comments

Submit A Comment



Blog :

Verification Code:


Share high-quality web security related articles with you:)


Tag Cloud