Instagram hack: Hundreds of accounts taken over in mysterious Russian attack

'My account has been hacked! Username, email and password has been changed. Now someone called Laitus Maria has all my pics,' one Instagram user complained

Anthony Cuthbertson
Wednesday 15 August 2018 12:05 BST
A hacking campaign using Russian email addresses has locked hundreds of people out of their Instagram accounts
A hacking campaign using Russian email addresses has locked hundreds of people out of their Instagram accounts

A widespread hacking campaign that appears to stem from Russia is affecting hundreds of Instagram users, leaving people locked out of their accounts.

The hack sees Instagram account names, profile pictures, passwords and email addresses associated with accounts changed by the attackers, with the new email addresses originating from a Russian email provider.

Many of the affected accounts have had their profile pictures replaced with stills from popular films, including Pirates of the Caribbean and Despicable Me 3.

A spokesperson for Instagram was not immediately available for comment but the company tweeted an acknowledgement of the issue on Wednesday, 15 August.

"We are aware that some people are having difficulty accessing their Instagram accounts," the company tweeted. "If you think you have been impacted, please follow our guidance to regain access."

The Facebook-owned firm's official guidance for regaining access to a hacked account claim that Instagram users will be notified of any change of email address to their account via an email to the original address.

"Please click the link marked 'revert this change' in the email, and then change your password," the guidelines state. "We advise you pick a strong password. Use a combination of at least six numbers, letters and punctuation marks... It should be different from other passwords used elsewhere on the internet."

One Instagram user took to Twitter to complain about the security process, which they claimed was unable to restore their account.

"I'm concerned because my account has been taken over by the hacker – but I did not receive any email from Instagram whatsoever when my email was changed," one Twitter user wrote to Instagram.

"Can you help? Your guides are not helping me so far, but I'm glad you are aware of the problem."

Some security experts have speculated that the hacked accounts could be used as spam bots, with privacy advocate Paul Bischoff telling Threatpost: "Even if some victims regain control of their accounts, many of those affected have likely quit the platform or just won't go through the trouble, adding soldiers to the spambot army."

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies


Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in