Hello again, fellow hackers! It's Tuesday again, so it's time for some interesting cybernews and opinions! Today, we're discussing a very interesting hack:
Dutch police claims they arrested 2 teens for hacking into key Instagram accounts with many followers, which they exploited to make tens of thousands of euros.
The 18 and 19 year old males accomplished this hack using "phishing", which is gaining a lot of popularity amongst the black hats right now.
The teens sent an email to the Instagram users, and made them login through their email. However, they didn't log in to Instagram, but instead they logged into a fake webpage set up by the young hackers. This allowed them to intercept their passwords with ease!
After they took over the accounts, they approached companies to advertise on their hacked Instagram accounts. As the accounts they took over had many followers, the companies of course didn't hesitate. The companies were probably not aware that they were dealing with hackers.
Well, it is widely known that Instagram has had many problems regarding their security. The perfect example of that is the tool called InstaBrute. I believe that tool is still working, even if it was made a long time ago!
But as highlighted in the article, the main vulnerability this time exploited was ignorance of the users.
First of all, they didn't have 2 factor authentication enabled, which made it a lot easier for the young hackers.
Second, they also fell for an email that was not by Instagram. They should've checked the source of the email and the URL of the webpage more correctly.
I honestly think this attack once again shows us that the main vulnerability in a computer system isn't in a computer itself, but in the mind of it's operator.
This attack only highlights the power of social engineering.
But what do you guys think? Let me know! Start discussing!