"Attackers Publicly Demanding Ransom From Hacked Instagram Account Owners in a Brazen Phishing Campaign"
An Instagram phishing campaign has been discovered targeting corporate and influencer accounts with a large following. According to security researchers at the Secureworks Counter Threat Unit (CTU), the hackers perform phishing attacks to gain control of the targeted account and then force the victims to pay a ransom to get the hacked Instagram account back. The attackers accuse the account owner of copyright infringement and threaten to delete the account unless the target completes an appeal form. The victim is provided with a link to a customized phishing landing page that resembles the target's account. The page displays an appeal button that takes the victim to a fake login page where they are asked to enter their Instagram login credentials, which the hackers then use to gain access to the account. Once the hackers gain control over the Instagram account, they modify the username, change the password, and post a message on the victim's bio stating that the hacked account is being held to be sold back to its owner. The threat actors behind the Instagram phishing campaign have been identified as Turkish and Russian citizens, Pharaben and Farway. They describe themselves as advanced experts in social media and hacking. The researchers warn that although the social media hacking incident appears insignificant, the threat actors could gain access to email accounts or other corporate resources through the compromised Instagram accounts. Hacked corporate Instagram accounts could also damage an organization's brand and reputation, further pressuring victims to pay the demanded ransom. This article continues to discuss the phishing campaign that has targeted corporate Instagram accounts and the potential impact of social media hacking.