Instagram, TikTok & Twitter Shutdown Stolen Accounts

Uploaded on 2021-02-12 in TECHNOLOGY--Hackers, FREE TO VIEW, TECHNOLOGY-Key Areas-Social Media

Instagram has shut down hundreds of accounts that were stolen during an online hacking operation that aimed at selling usernames. The Facebook-owned photo-sharing app has been taking down accounts stolen by the OGUsers cyber crime community group, a virtual market which is known to be a place to sell and exchange stolen usernames between hackers.

TikTok and Twitter have also taken action on accounts that have been harvested by the same group, according to cyber security expert Brian Krebs. He has reported that it’s a "coordinated" approach by the companies to take down these highly sought-after usernames, some of which have been involved in "lucrative" resales.

Facebook said it targeted a number of accounts tied to key sellers on OGUsers as well as those who advertise the ability to broker stolen account sales. OGUsers has helped to facilitate the hacking of accounts through methods such as SIM (Subscriber Identity Module) swapping, where a hacker gains control of someone's phone number and uses it to reset passwords and take control of their social media accounts. 

Although the big social media companies have began to taken action, SIM swapping is still considered a relatively simple hacking process.

The OGUsers forum earned notoriety last summer when it got into many famous people’s Twitter accounts and used them to spread a Bitcoin scam. Approximately 130 accounts were targeted, including ones belonging to Elon Musk and former US president Barak Obama. “Particularly prized by this community are short usernames, which can often be resold for thousands of dollars to those looking to claim a choice vanity name,” Brian Krebs commented.

Facebook said it targeted a number of accounts tied to key sellers on OGUsers, as well as those who advertise the ability to broker stolen account sales. "Today, we're removing hundreds of accounts connected to members of the OGUsers forum...  we will continue to do all we can to make it difficult for them to profit from Instagram usernames," a Facebook spokesperson said. 

Like most cyber crime forums, OGUsers is populated by criminals, some of whom act as intermediaries in the sale of private data.  

Krebs On Security:          ITPro:         The Verge:          ITPro

You Might Also Read:

Diving Into The Dark Web:

« Cyber Security In Higher Education
Hiring Good Cyber Security Professionals Is Hard Work »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Bulb Security

Bulb Security

Whether your internal red team or penetration testing team needs training, or you lack internal resources and need an outsourced penetration test, Bulb Security can help.

Exodus Intelligence

Exodus Intelligence

Exodus Intelligence are an industry leading provider of exclusive zero-day vulnerability intelligence, exploits, defensive guidance, and vulnerability research trends.

Cysec Resource Co (CRC)

Cysec Resource Co (CRC)

We offer expertise in information and cyber security, sourcing individuals and teams who provide information security expertise to the public and private sector.

RSA Insurance Group

RSA Insurance Group

RSA is one of the world’s leading multinational quoted insurance groups. Commercial services include cyber risk insurance.

My Data Recovery Lab

My Data Recovery Lab

We recover data from: HDDs, RAIDs, NAS, SSDs, USB Flash Devices, Desktop Computers, Mobile devices and other data storage media.

Mega

Mega

Mega is a secure cloud data storage provider with browser-based high-performance end-to-end encryption.

Protocol Policy Systems

Protocol Policy Systems

Protocol Policy Systems specialise in IT policy deployment and management systems that deliver compliance and secure computing environments.

Rhebo

Rhebo

Rhebo Industrial Protector monitors and ensures the continuous, correct, and predictable operation of real-time Industrial Control Systems to prevent outages and reduce downtimes.

Asseco Group

Asseco Group

Asseco Poland stands at the forefront of the multinational Asseco Group. We are a leading provider of state-of-the-art IT solutions in Central and Eastern Europe.

CyberNB

CyberNB

Canada's epicentre for cybersecurity. CyberNB is focused on cyber skills and workforce development, R&D, protecting our critical infrastructure, innovation and building a world class cyber ecosystem.

Empiric

Empiric

Empiric is a multi-award winning technology and transformation recruitment agency specialising in data, digital, cloud and security.

ByteLife Solutions

ByteLife Solutions

ByteLife Solutions specialises in the provision of IT infrastructure services and solutions, including cybersecurity.

NARIS

NARIS

NARIS is the leading provider of an integrated Governance, Risk and Compliance platform called NARIS GRC.

National Security Services Group (NSSG)

National Security Services Group (NSSG)

National Security Services Group (NSSG) is Oman's leading and only proprietary Cybersecurity consultancy firm and Managed Security Services Provider.

NACVIEW

NACVIEW

NACVIEW is a Network Access Control solution. It allows to control endpoints and identities that try to access the network - wired and wireless, including VPN connections.

Bluefin Payment Systems

Bluefin Payment Systems

Bluefin is the recognized integrated payments leader in encryption and tokenization technologies that protect payments and sensitive data.