Instagram, TikTok & Twitter Shutdown Stolen Accounts

Uploaded on 2021-02-12 in TECHNOLOGY--Hackers, FREE TO VIEW, TECHNOLOGY-Key Areas-Social Media

Instagram has shut down hundreds of accounts that were stolen during an online hacking operation that aimed at selling usernames. The Facebook-owned photo-sharing app has been taking down accounts stolen by the OGUsers cyber crime community group, a virtual market which is known to be a place to sell and exchange stolen usernames between hackers.

TikTok and Twitter have also taken action on accounts that have been harvested by the same group, according to cyber security expert Brian Krebs. He has reported that it’s a "coordinated" approach by the companies to take down these highly sought-after usernames, some of which have been involved in "lucrative" resales.

Facebook said it targeted a number of accounts tied to key sellers on OGUsers as well as those who advertise the ability to broker stolen account sales. OGUsers has helped to facilitate the hacking of accounts through methods such as SIM (Subscriber Identity Module) swapping, where a hacker gains control of someone's phone number and uses it to reset passwords and take control of their social media accounts. 

Although the big social media companies have began to taken action, SIM swapping is still considered a relatively simple hacking process.

The OGUsers forum earned notoriety last summer when it got into many famous people’s Twitter accounts and used them to spread a Bitcoin scam. Approximately 130 accounts were targeted, including ones belonging to Elon Musk and former US president Barak Obama. “Particularly prized by this community are short usernames, which can often be resold for thousands of dollars to those looking to claim a choice vanity name,” Brian Krebs commented.

Facebook said it targeted a number of accounts tied to key sellers on OGUsers, as well as those who advertise the ability to broker stolen account sales. "Today, we're removing hundreds of accounts connected to members of the OGUsers forum...  we will continue to do all we can to make it difficult for them to profit from Instagram usernames," a Facebook spokesperson said. 

Like most cyber crime forums, OGUsers is populated by criminals, some of whom act as intermediaries in the sale of private data.  

Krebs On Security:          ITPro:         The Verge:          ITPro

You Might Also Read:

Diving Into The Dark Web:

« Cyber Security In Higher Education
Hiring Good Cyber Security Professionals Is Hard Work »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

Engineering Group

Engineering Group

Engineering is the Digital Transformation Company, a leader in Italy and with over 80 offices across Europe, the United States, and South America.

Styra

Styra

Styra allows companies to secure cloud environments and applications, including those built on the popular Kubernetes open-source cloud platform.

Inavate Consulting

Inavate Consulting

Inavate Consulting are experts in defining and implementing information assurance solutions and governance frameworks. Our ISO27001 consultants are the most experienced in the industry.

NanoLock Security

NanoLock Security

NanoLock delivers the industry’s only end-to-end platform for the IoT and connected devices ecosystem.

EOL IT Services

EOL IT Services

EOL IT Services is the UK’s most accredited provider of IT Asset Disposal (ITAD), Lifecycle Services and Data Destruction.

Censys

Censys

Our customers rely on Censys data to get the global visibility they need of their attack surfaces in order to proactively prevent nation-state attacks and emerging threats.

Krypsis

Krypsis

Krypsys is an information security company with a focus on helping you defend your information and data against emerging security threats.

McCrary Institute - Auburn University

McCrary Institute - Auburn University

The McCrary Institute seeks practical solutions to real-world problems in the areas of cyber and critical infrastructure security.

LiveAction

LiveAction

LiveAction provides end-to-end visibility of network and application performance from a single pane of glass.

GeoEdge

GeoEdge

GeoEdge is the premier provider of ad security and quality solutions for the online and mobile advertising ecosystem.

Certihash

Certihash

Certihash have developed the world’s first blockchain empowered suite of information security tools based on the NIST cybersecurity framework.

Radix Technologies

Radix Technologies

Radix offer end-to-end device management solutions, consolidating all the organization devices, processes and stakeholders into one easy-to-use management platform.

Ipseity Security

Ipseity Security

Ipseity Security provide security-centric advisory and consulting services for organizations to secure their perimeter-less digital transformation to meet business and security requirements.

Phone Monitoring Service

Phone Monitoring Service

Phone Monitoring Service provides cyber security services, ethical hacking services, social media hacking services in the USA, Canada, Europe.

Slide

Slide

Slide is a modern, security-first Business Continuity & Disaster Recovery (BCDR) company built exclusively for Managed Service Providers.

Spektion

Spektion

Spektion are transforming how organizations meet the challenge of third-party software risk.