Has your Instagram been hacked? Accounts flooded with porn to lure victims to adult dating sites

Scammers targeting social media users have been found to be hacking into Instagram accounts in efforts to promote adult dating sites. The hackers changed profile images and passwords of compromised accounts and flooded them with "sexually suggestive content" tailored to lure victims to adult sites.

According to Symantec security researcher Satnam Narang, the hackers refrained from adding or deleting any of the older pictures already uploaded by the original account holders except the profile image, which was changed by the scammers, was found to be the image of a woman, "regardless of the gender of the actual account owner."

Narang said, "Over the last few months, we have observed Instagram accounts being hacked and used to promote adult dating spam. Even after a few months, these accounts remain in the same state, indicating that the real owners may have created new accounts since."

The hacked accounts also feature links, either shortened URLs or a direct link, which prompt users to click on it. Quite like similar social media scams, the links redirect users to an intermediary site, controlled by the hackers.

"This site contains a survey suggesting that a woman has nude photos to share and that the user will be directed to a site that offers "quick sex" rather than dating. Interestingly, this page only appears on mobile browsers. If the user tries to visit the URLs on a desktop computer or laptop, they are sent to a random Facebook user's profile. Once a user completes this survey, they are redirected to an adult dating website that contains an affiliate identification number," Narang noted.

Each user that signs up to the site via the link in the hacked Instagram account aids the hackers by filling their coffers, as they earn a commission.

Hackers getting lazy?

Unlike similar social media scams where hackers have taken over user accounts to promote adult sites, this particular scam lacks a few notable characteristics. For instance, in other such scams, Symantec observed that the hacked accounts had a different username, full name, profile picture, bio and more. However, in this case, the scammers did not upload any new images and neither did they change the usernames. "It is unclear why these two identifying traits have been discarded. However, everything else remains in tact, including the modified profile image and link," Narang added.

Weak passwords are the culprit

Although it is still unclear as to how the hackers were able to compromise the Instagram accounts, Symantec opines that weak passwords and the practise of reusing passwords are the culprit behind the hacking spree.

Following the LinkedIn hack, password reuse has already been observed as one of the most dangerous of practices and has resulted in data breaches sustained by several high-profile firms. Tech giants including Facebook and Netfilx were among many who initiated forced password resets for their users, following the breach.

Two-factor authentication

Symantec urged people to activate the two-factor authentication system for the Instagram accounts, to ensure that they don't fall victim to such cyberattacks.

Nick Shaw, EMEA Vice President and General Manager at Norton by Symantec told IBTimes UK, "Scammers are naturally attracted to large online communities and with 500m monthly active users, Instagram makes a prime target for maximum impact. The influx of affected Instagram accounts identified by Symantec's Response team showcases a scenario when a hack could not only compromise your account but also damage your online reputation through profile alterations.

"To stay safe when using Instagram, you should turn on your two-factor authentication, which would automatically send a verification code to your mobile device when you try to log in from an unrecognised device. However, if you have been a victim of a hack or have identified an account that might have been compromised you shouldn't remain passive and immediately report this."