Instagram account can be easily hacked, finds hacker

A professional hacker discovered what he considered a fairly simple way to seize control of any Instagram user's account. Fortunately for the site's 500 million active daily users, he told Instagram exactly how it could be done.

Laxman Muthiyah is a professional bounty hunter. Not the kind who tracks down bail jumpers, mind you. He uses his hacking skills to collect bug bounties, money companies pay to hackers who find and report vulnerabilities in their software.

Muthiyah found the account-breaking bug in the mobile version of Instagram's password reset system. When a user wants to reset his or her password, Instagram tries to validate their identity by sending a 6-digit code to a recovery phone number.

A six-digit code is child's play for a hacker with any amount of computing power at their disposal, which is why Instagram has a system in place that can detect brute-force attacks. Muthiyah found that out of 1,000 attempts around 75% were blocked.

By creating a race condition -- a nasty situation that occurs when a computer tries to process multiple requests at the same time -- and making attempts from a huge number of IP addresses, Muthiyah was able to do an end run around Instagram's brute-force blocker.

He bombarded Instagram with 200,000 codes from 1,000 different IP addresses. That might sound like a Herculean task, but Muthiyah notes that it's actually quite simple using cloud-based tools.

In his estimation it would have cost about $150 to reset anyone's password.
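The bypass described above worked against a blocker that could be outrun by parallel requests and by spreading guesses over many addresses. As an added example (not Instagram's code or its actual fix), here is a reset-code verifier whose guess budget belongs to the issued code rather than the client IP and is decremented under a lock; the class name, budget and lifetime are assumptions.

```python
import hmac
import secrets
import threading
import time

MAX_ATTEMPTS = 5        # assumed guess budget per issued code
CODE_TTL = 600          # assumed code lifetime in seconds


class ResetCodeVerifier:
    """Hypothetical verifier: the budget belongs to the issued code, not the client IP."""

    def __init__(self, clock=time.monotonic):
        self._lock = threading.Lock()
        self._pending = {}      # account -> [code, attempts_left, expires_at]
        self._clock = clock
        self.evaluated = 0      # comparisons actually performed (for the demo)

    def issue(self, account):
        # Issuing replaces any earlier code; issuance itself also needs a
        # per-account rate limit, which is outside this sketch.
        code = f"{secrets.randbelow(10**6):06d}"
        with self._lock:
            self._pending[account] = [code, MAX_ATTEMPTS, self._clock() + CODE_TTL]
        return code

    def verify(self, account, guess):
        # Lookup, expiry check, decrement and comparison run under one lock, so
        # parallel requests cannot all observe the same attempts_left value.
        with self._lock:
            entry = self._pending.get(account)
            if entry is None:
                return False
            if self._clock() >= entry[2]:
                del self._pending[account]
                return False
            entry[1] -= 1
            self.evaluated += 1
            ok = hmac.compare_digest(entry[0].encode(), str(guess).encode())
            if ok or entry[1] == 0:
                del self._pending[account]   # single use; burned when the budget is spent
            return ok


def parallel_wrong_guesses(n_requests, account="user@example.test"):
    """Send n_requests concurrent wrong guesses; return (comparisons performed,
    whether the real code still works afterwards)."""
    verifier = ResetCodeVerifier()
    code = verifier.issue(account)
    wrong = [f"{(int(code) + 1 + i) % 10**6:06d}" for i in range(n_requests)]
    threads = [threading.Thread(target=verifier.verify, args=(account, g)) for g in wrong]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    return verifier.evaluated, verifier.verify(account, code)


if __name__ == "__main__":
    print(parallel_wrong_guesses(200))
```

However many requests arrive at once, and from however many addresses, only five comparisons are ever made against one issued code, after which the code is discarded.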

Gaining control of an account with hundreds of thousands -- or even millions -- of followers is well worth the investment. It provides an opportunity to spam users with links to infected downloads or phishing pages from an account they are likely to trust.

There's no telling how many unsuspecting fans would've blindly clicked a malicious link posted from a celeb's verified IG account. It's quite possible that a major incident was avoided thanks to Muthiyah's hard work and Facebook's (which owns Instagram) rapid deployment of a fix.

China hacked TCS, 7 other major firms: Report

‘Operation Cloud Hopper’ — a global cyber espionage campaign — first made headlines when Chinese hackers reportedly broke past IBM and Hewlett Packard Enterprise. Now, it seems that they weren’t the only ones attacked.

Hackers working for China’s Ministry of State Security broke into networks of eight of the world’s biggest technology service providers in an effort to steal commercial secrets from their clients, according to sources familiar with the attacks.

Technology service providers such as Hewlett Packard Enterprise (HPE), IBM, Fujitsu, Tata Consultancy Services (TCS), NTT Data, Dimension Data, Computer Sciences Corporation (CSC) and DXC Technology, HPE’s spun-off services arm, were the targets of Cloud Hopper, which the United States and its Western allies have attributed to the Chinese government.

It isn’t just TCS that was hacked. The service providers were used as a jumping-off point to gain access to their clients’ networks.

Meanwhile, China is denying all involvement in the attacks and companies are claiming that no sensitive information was compromised, but the Reuters report shows otherwise.

A U.S. indictment in December outlined an elaborate operation to steal Western intellectual property in order to advance China’s economic interests but stopped short of naming victim companies.

Reuters has identified more than a dozen victims who were clients of the service providers. That list includes Swedish telecoms giant Ericsson, U.S. Navy shipbuilder Huntington Ingalls Industries and travel reservation system Sabre.

HPE said it worked “diligently for our customers to mitigate the attack and protect their information.” DXC said it had “robust security measures in place” to protect itself and clients, neither of which has “experienced a material impact” due to Cloud Hopper.

NTT Data, Dimension Data, Tata Consultancy Services, Fujitsu and IBM declined to comment. IBM has previously said it has no evidence sensitive corporate data was compromised by the attacks.

Sabre said it had disclosed a cybersecurity incident in 2015 and an investigation concluded no traveler data was accessed. A Huntington Ingalls spokeswoman said the company is “confident that there was no breach of any HII data,” via HPE or DXC.

Hackers attacked Russian Prime Minister Dmitry Medvedev's Twitter


Source: RT
Unknown persons hacked the Twitter page of Russian Prime Minister Dmitry Medvedev. They posted meaningless letters and words on the page in response to a message from the Iraqi Ambassador in Moscow.

The hacking of the Russian Prime Minister's Twitter page was recorded on 12 June. The Press Service of the Cabinet of Ministers said that control over the account has now been restored.

The account in question is the English version, @MedvedevRussiaE. The mysterious messages on Medvedev's Twitter appeared in response to a message from the Ambassador of Iraq in Moscow, Haidar Mansur Hadi, who had posted a few photos from the ceremonial reception for heads of diplomatic missions in the Kremlin on the occasion of the Day of Russia. The reply to him was an incomprehensible phrase written in Latin letters, in which only one word, “cucumber”, is understandable.

Some social network users suggested that Dmitry Medvedev had decided to congratulate the Ambassador on Russia's holiday in this unusual way. However, the second phrase was no less mysterious: “Hop cc very very hubby cheers cheers her very vav chi hi”. After this comment, users decided that the Prime Minister's English-language Twitter account had been attacked by hackers. Shortly after publication, both messages were deleted.

Currently, on June 12, the account @MedvedevRussiaE contains a congratulation on the Day of Russia.

Medvedev's Twitter was previously hacked in August 2014. At that time, reports of his resignation appeared in Dmitry Medvedev's Twitter account, along with criticism of colleagues in the Government. The stated motive for the resignation was that the Prime Minister was allegedly ashamed of the Government's actions. Within a short time, the posts made in the Prime Minister's name gathered thousands of retweets, and the media began to publish screenshots of the hacked page. Subsequently, the Press Service of the Government reported that the account had been hacked.

It should be noted that Medvedev started a Twitter account long ago when he was the President of Russia. During a trip to the United States in 2010, Medvedev visited Apple Headquarters and received an iPhone 4 from Steve Jobs as a gift. He also visited Twitter Headquarters, where he created an account and wrote his first tweet. The Russian-language Twitter account of Medvedev has 4.84 million subscribers, the English version has 1.04 million.

Multi-factor authentication bypassed to hack Office 365 & G Suite Cloud accounts



Massive IMAP-based password-spraying attacks successfully breached Microsoft Office 365 and G Suite accounts, circumventing multi-factor authentication (MFA), according to an analysis by Proofpoint.

As noted by Proofpoint's Information Protection Research Team in a recent report, during a "recent six-month study of major cloud service tenants, Proofpoint researchers observed attackers are targeting legacy protocols with stolen credential dumps to increase the speed and efficiency of the brute force attacks."

According to the Proofpoint study, IMAP is the most abused protocol; it bypasses MFA and the lock-out options for failed logins.

This technique takes advantage of the fact that the legacy authentication IMAP protocol bypasses MFA, allowing malicious actors to perform credential stuffing attacks against assets that would have been otherwise protected.
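One way to look for this pattern in mail sign-in logs, as an added example (not Proofpoint's method or tooling): a spray shows up as one source failing against many distinct accounts over a legacy protocol, and a successful legacy login from that same source marks an account to reset. The log format, field names, thresholds and sample records are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

LEGACY_PROTOCOLS = {"IMAP"}   # the protocol the report singles out; extend as needed

# Constructed sign-in records (not from the Proofpoint report).
SAMPLE_LOG = """\
2019-03-01T09:00:05Z user=alice@corp.example src=203.0.113.7 proto=IMAP result=FAIL
2019-03-01T09:00:41Z user=bob@corp.example src=203.0.113.7 proto=IMAP result=FAIL
2019-03-01T09:01:02Z user=bob@corp.example src=198.51.100.20 proto=IMAP result=FAIL
2019-03-01T09:01:10Z user=bob@corp.example src=198.51.100.20 proto=IMAP result=FAIL
2019-03-01T09:01:17Z user=carol@corp.example src=203.0.113.7 proto=IMAP result=FAIL
2019-03-01T09:01:30Z user=bob@corp.example src=198.51.100.20 proto=IMAP result=OK
2019-03-01T09:01:52Z user=dave@corp.example src=203.0.113.7 proto=IMAP result=FAIL
2019-03-01T09:02:20Z user=erin@corp.example src=203.0.113.7 proto=IMAP result=OK
2019-03-01T09:03:00Z user=alice@corp.example src=192.0.2.44 proto=WEB result=OK
"""


def parse(line):
    """Split 'timestamp key=value ...' into a dict with a parsed 'ts' field."""
    ts, *fields = line.split()
    rec = dict(f.split("=", 1) for f in fields)
    rec["ts"] = datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ")
    return rec


def detect_spray(log_text, window=timedelta(minutes=10), min_users=4):
    """Return (flagged sources -> targeted users, accounts with a legacy-protocol
    success from a flagged source)."""
    events = sorted((parse(l) for l in log_text.splitlines() if l.strip()),
                    key=lambda r: r["ts"])
    recent = defaultdict(list)    # src -> [(ts, user)] failed legacy logins in window
    flagged = defaultdict(set)    # src -> users it failed against
    for r in events:
        if r["proto"] not in LEGACY_PROTOCOLS or r["result"] != "FAIL":
            continue
        q = recent[r["src"]]
        q.append((r["ts"], r["user"]))
        q[:] = [(t, u) for t, u in q if r["ts"] - t <= window]   # slide the window
        users = {u for _, u in q}
        # Many distinct accounts from one source is a spray; repeated failures
        # on a single account (a user mistyping) never reach the threshold.
        if len(users) >= min_users:
            flagged[r["src"]] |= users
    compromised = sorted({r["user"] for r in events
                          if r["src"] in flagged
                          and r["proto"] in LEGACY_PROTOCOLS
                          and r["result"] == "OK"})
    return {src: sorted(u) for src, u in flagged.items()}, compromised


if __name__ == "__main__":
    print(detect_spray(SAMPLE_LOG))
```

Counting per source will miss a spray spread thinly across many addresses, so the same grouping is worth repeating on whatever other shared attribute the logs carry.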

These intelligent new brute-force attacks bring a new approach to the traditional brute-force attack, which uses combinations of usernames and passwords.

Proofpoint analyzed over one hundred thousand unauthorized logins across millions of monitored cloud user accounts and found that:

▬ 72% of tenants were targeted at least once by threat actors
▬ 40% of tenants had at least one compromised account in their environment
▬ Over 2% of active user-accounts were targeted by malicious actors
▬ 15 out of every 10,000 active user-accounts were successfully breached by attackers

Their analysis unearthed the fact that around 60% of all Microsoft Office 365 and G Suite tenants have been targeted using IMAP-based password-spraying attacks and, as a direct result, approximately 25% of G Suite and Office 365 tenants that were attacked also experienced a successful breach.

On the whole, after crunching down the numbers, Proofpoint reached the conclusion that threat actors managed to reach a surprising 44% success rate when it came to breaching accounts at targeted organizations.

The ultimate aim of the attackers is to launch internal phishing and to have a strong foothold within the organization. Internal phishing attempts are hard to detect when compared to the external ones.

Hackers Target Popular Instagram Profiles


Hackers have now set their sights on the Instagram accounts of high-profile users and social media influencers, using phishing emails to gain access to their accounts before the influencers can even comprehend what's going on.

According to sources, the hackers have especially targeted Instagram profiles that have between 15,000 and 70,000 followers. Their targets range from well-known actors and artists to owners of new companies.

The attack starts with phishing emails that appear to come from Instagram and ask users to verify their accounts in order to get the 'Verified' badge on their Instagram profiles. The email takes them to a phishing page that requests details such as their date of birth, email, and credentials.

Once the details are submitted, a badge notification shows up, but for just four seconds. This is a trick to give users the feeling that their profile has been verified.

Image: A visualization of how the hackers are stealing the Instagram profiles

Once the user enters credentials on the phishing page, the attackers obtain them, use them to access the Instagram profile, and change the data required to recover the stolen account.

The attackers change the username of the stolen account to show that it has been hacked, and change the email address over and over in order to flood the user with security emails, making the changes appear legitimate.

Image: Screenshot of the phishing email asking the user to verify his Instagram account

That is exactly what happened to a photographer who had approximately 15,000 followers on Instagram, when she had her account stolen.

Hackers have without any doubt become experts at luring victims into handing over their personal information in exchange for an incentive, such as the blue badge on their profiles, and their mimicry of Instagram's messages seems nearly real.

Here are some of the warning signs users and organizations can keep an eye out for to protect their accounts from being hacked:

1. Use of domains other than the social network's own
2. Dubious font styles (i.e., utilization of screenshots rather than genuine pictures)
3. Incorrect language and punctuation 
4. Emails that request credentials; social networks never request them outside of their real, secure login pages
5. Spam filters and Antispam portals.



Bank details of Bernard Matthews employees stolen

A suspected cyber-attack "potentially compromised" the bank account details of 200 workers at Bernard Matthews.

The turkey producer has made staff aware of the suspected hack.

The Norfolk-based company said it was alerted by its bank on 22 January, as first reported in the EDP.

A spokesman said: “After being first alerted by our bank, we reported the incident to the relevant authorities and put in place extra security measures, as well as offering additional security advice to those affected.” "We continue to monitor the situation but we are not aware colleagues have been affected any further," he added.

The person or group behind the hack is unknown.

Bernard Matthews employs 3,000 people across East Anglia. The company is a major employer in Norfolk and Suffolk, including at its plant at Holton, near Halesworth, and its headquarters at Great Witchingham.
The business has been through a difficult time in recent years, coming close to collapse in 2013.

Last year, it was one of two interested parties bidding to take over Banham Poultry, in Attleborough, which was eventually sold to Chesterfield Poultry.

In 2016 the Boparan Private Office, owned by food tycoon and 2 Sisters Food Group entrepreneur Ranjit Boparan, known as the “Chicken King”, bought the firm in a pre-pack deal from Rutland Partners, saving 2,000 jobs after the firm posted pre-tax losses of £5.2m.

US charges Russians for interfering in 2016 Elections, Identity theft in the centre

On Friday, Special Counsel Robert Mueller brought charges against 13 Russian nationals and three Russian groups for interfering with the 2016 U.S. elections.

The charges included creation of false U.S. identities as well as identity theft of six U.S. residents. The charges of identity theft were brought against four Russian nationals.

According to the indictment, the Russian nationals used stolen Social Security numbers, home addresses, and birth dates of the six persons to open bank and PayPal accounts and obtain fake government documents between June 2016 and May 2017.

“This indictment serves as a reminder that people are not always who they appear to be on the Internet,” Deputy Attorney General Rod J. Rosenstein said at a press briefing announcing the indictments.

The Russians allegedly used the stolen identities to open four accounts at an undisclosed U.S. bank and purchased more than a dozen bank account numbers from online sellers.

The stolen information was also allegedly used to evade PayPal security measures.

“We work closely with law enforcement, and did so in this matter, to identify, investigate and stop improper or potentially illegal activity,” PayPal said in a statement.

The Russians are claimed to have used the accounts to pay for the promotion of politically inflammatory social media posts, IRA expenses, political rallies and political props including banners, buttons and flags, in efforts to boost President Trump’s campaign, and are alleged to have been paid $25 to $50 per post from U.S. persons to promote content on IRA-controlled Facebook and Twitter accounts.

Hackers compromised over 50,000 accounts of 'Kinopoisk' website to change rating of movie 'Crimea'


Hackers compromised over 50,000 user accounts of the Kinopoisk (Movie Search) website, one of the leading online databases for movies in Russia. The main goal of the hackers was to increase the rating of the film "Crimea", which was expected in cinemas.

The incident first came to light when some users noticed marks in their profiles indicating that they were awaiting the premiere of the film "Crimea". The administration of Kinopoisk received complaints from a number of users.

After an internal investigation, representatives of the website removed over 50,000 incorrectly placed marks. After those marks were removed, the number of marks fell from 70,000 to 17,000, and the rating of the movie fell from 60% to 20%.

The portal's technical support staff also sent a notification to all users of the hacked accounts asking them to change their passwords. They also recommended setting a strong password and not using the same password on any other service.

- Christina



Twitter Account Of Actress Stefanie Scott for sale in UnderGround hacking forum

A recent post on an underground hacking forum claimed to sell the Twitter account of the actress "Stefanie Scott". This is one of the rare times the attack can be prevented before it happens, so I am releasing this post in the public interest, and to show how such celebrity accounts are sold by hackers.

Now let's analyze the post. First, I am worried by his statement of "pm me for her twitter ETC", which points to him being in control of MORE than her Twitter account. And she seems oblivious to the fact that her accounts might be hijacked, because she tweeted about an hour ago and the sales thread was opened well before that.

As you can see, such accounts can go for $400 or more. The account has 256,211 followers, which is worth a lot. Most such hacks don't affect the celebrities as much as the followers, whose computers or accounts might be hijacked as a result of following the links posted by a hacker posing as the celebrity.

It is the responsibility of the celebrity to keep his/her account safe as they are not the only people affected, their fans often take the worst side of the attack.

PS: This might just be a scam by the user to rip off other users, but it seems unlikely since he is a higher-level user and would not like "scam reports" to be opened against him. I will update this article if I get more information.

Facebook Page of Former Secretary of State Colin Powell hacked


Former US Secretary of State Colin Powell's official Facebook page was hacked. After hijacking the page, the hacker started to post some of the pictures stolen from the email accounts of the Bush family by a hacker named "Guccifer".

"Kill the illuminati! Tomorrow’s world will be a world free of illuminati or will be no more!" the hacker said in one of the posts.

After a few hours, Powell managed to recover his Facebook page and apologized for the offensive posts made by the hacker.

"Dear Friends, as most of you realize, my fb page has obviously been hacked. I'm sorry you have to see all the stupid, obscene posts that are popping up. Please ignore as we are working with fb to take care of this problem. I appreciate your patience." Powell posted after he recovered his Facebook page.

"Dear Friends, I'm happy to report that the hacking problem has been fixed. We have been working with fb this morning and they took immediate action to remedy the situation."

Avengers: "The Hulk"(Mark Ruffalo) Twitter account hacked

The Twitter account belonging to actor Mark Ruffalo, who plays 'The Hulk' in the Avengers movie, has been hacked by an unknown hacker.

The hacker took over the account and started sending out crazy messages, posting a link to who has the best booties in Hollywood, a link to which women in Hollywood have the best breasts, and how to have mind blowing sex.

"It's kind of hilarious me getting hacked today. I got to hand it to the hacker. Kind of genius." a tweet from Mark_Ruffalo reads.

After being accused of being the hacker, the person who had registered the freed username wrote, “Giving up answering Tweets. Last word on the matter. Mark's account was hacked, and the hacker renamed it, so this username became free. I registered the name so Mark could get it back if he wanted it. I'm happy to hand it over, or e-mail the password to him. End of story.”

“Dude, You are my hero. Thanks for giving me back my identity. Thanks for thinking to save it. Best to you,” Ruffalo responded.

Twitter transferred the followers and the old tweets to Hulk’s new account, @Mark_Ruffalo.



North Korean hacked Email Accounts of Information Security School Students


Hackers broke into an Information Security School server and compromised the email accounts of alumni. According to the National Intelligence Service (NIS) investigation, North Korea was behind this hacking attack. According to the report, they hacked the e-mail accounts of 27 students of Korea University's Graduate School of Information Security.

"Analysis of the malware used to hack into the e-mail accounts confirmed that it is identical to malicious codes spread by North Korea," an NIS official said Wednesday. "We have tentatively concluded that North Korean hackers were behind the attack and are tracking the source."

The hackers sent spam mail carrying malware to alumni via the Korea University Center for Information Security Technologies. The investigation revealed that all of those who received it graduated in the same year. It appears that the hackers obtained the directory with all their email addresses and planted the malicious code.

Intelligence officials believe North Korea tried to hack into the e-mail accounts because most of the school's graduates get jobs at the Defense Ministry, the NIS or another government security agency.

International Foreign Government E-Mails Hacked by TeaMp0isoN



A hacker named "Hex00010", a member of the hacker team "TeaMp0isoN", hacked about 200 email accounts of international foreign governments. He released the whole database on Pastebin. They obtained this email database by hacking into armynet.mod.uk, the website of the Parliament of Australia (aph.gov.au) and some other sites.

Microsoft's Official Youtube Channel hacked and All videos deleted



Microsoft's official YouTube account was hacked by an unknown hacker, who removed all videos from the channel. The hacker uploaded four videos, all time-stamped within two hours.

A fifth video was apparently removed. The video, “Garry’s Mod – Escape the Box,” featured what appeared to be an animated gunman shooting at the inside of a construction box. The channel’s description reads, “I DID NOTHING WRONG I SIMPLY SIGNED INTO MY ACCOUNT THAT I MADE IN 2006 :/”

Microsoft has now recovered the account and uploaded the videos back. It still has not found out how the hacker hacked it.