Instagram disables accounts stolen by hackers planning to resell them

Instagram disables accounts stolen by hackers planning to resell them

CREDIT: Pixabay

INSTAGRAM has disabled and removed hundreds of stolen accounts as attacks from hackers in order to steal and resell them escalate.

The hackers were mainly intent on obtaining rare usernames with handles of fewer than five letters that would be valuable for resale.

Instagram accounts with high followings, verification badges or desirable usernames become valuable for resale.

The practice is against Instagram’s terms of service, but difficult for them to track.

Members of the group, known as OGUsers, have received cease and desist letters from Instagram’s parent company, Facebook, which is coordinating with law enforcement to solve the matter.

OGUsers has operated since 2017 and is believed to be responsible for millions of dollars worth of account sales, each one of which can fetch thousands or tens of thousands of dollars each, Facebook said.

Their security team is worried that OGUsers and others like them have become more active and more violent, using threat tactics to achieve their ends.

Both TikTok and Twitter also took action on accounts belonging to the same hackers.

The announcement on Thursday, February 4, is the first time Facebook has made it public that the accounts are being taken down, and by revealing the process they used, the company hopes to make the accounts less desirable.

The valuable accounts are often obtained via phishing, in which the hackers pretend to be Instagram to get passwords, or via SIM swapping, mimicking a phone number to override authentication.

Recently, more aggressive methods have been used both on and offline, including extortion with hacked nude photographs.

In some cases, if the hackers do not get the desired response, they will call the police to report a bomb threat or shooter at the account holder’s home, sending the SWAT team to the address.

Instagram will attempt to restore accounts to their original owners, but can find it hard to verify who that is.

The company has promised to protect vulnerable accounts against future attacks by getting them to sign up for a new Facebook Protect program which includes tougher password security and monitors for threats.

Instagram has also released a new feature that allows users to recover deleted posts, in the event a hacker takes control of their account and wipes it clean.

Twitter and TikTok are also taking action against OGUsers community members.

A number of TikTok usernames that were being used for account squatting have been reclaimed.

In addition to disabling the stolen accounts, making them worthless, they also disabled the accounts of OGUsers middlemen who act as intermediaries during username transactions by holding funds in exchange for a cut of the fee.

OGUsers were behind an unprecedented Twitter hack that involved resetting the account passwords of dozens of high-profile individuals and companies, including Elon Musk and Barack Obama. The individual at the centre of the case, was Graham Ivan Clark, just 17 at the time.

Thank you for taking the time to read this news article “Instagram disables accounts stolen by hackers planning to resell them”. For more UK daily news, Spanish daily news and Global news stories, visit the Euro Weekly News home page.

Author badge placeholder
Written by

Jennifer Leighfield

Jennifer Leighfield, born in Salisbury, UK; resident in Malaga, Spain since 1989. Degree in Translation and Interpreting in Spanish, French and English from Malaga University (2005), specialising in Crime, Forensic Medicine and Genetics. Published translations include three books by Richard Handscombe. Worked with Euro Weekly News since November 2006. Well-travelled throughout Spain and the rest of the world, fan of Harry Potter and most things ‘geek’.