Khaberni - Recent tech reports revealed an incident of hacking targeting the Instagram platform, leading to the leakage of millions of accounts' information, despite the platform’s denial a week ago of any security vulnerabilities.
"Malwarebytes," a company specializing in internet security and antivirus, disclosed the details of this incident, confirming that the hack affected data of about 17 million users, as hackers published the victims' names, home addresses, emails, and phone numbers on the dark web.
These developments are connected to the activities of a hacking group known as "Shine Hunters," which had successfully breached "Salesforce," a major American software platform for customer service, putting it under the scrutiny of Google’s web security team. In January, experts observed a new fraudulent method relying on the creation of fake Google-branded emails that successfully bypass spam filters to reach victims.
The objective of these operations is to steal login data for the "Microsoft 365" platform through very convincing messages that pass through trusted Google services to direct users to fake login pages designed to capture their usernames and passwords, significantly increasing the risks to individuals and their technical institutions' privacy.
Details of the data leak of Instagram platform users on the dark web
The recent incident revealed precise details of millions of accounts on the dark web, including the following leaked information:
Full names of users linked to their profiles on the platform.
Verified home addresses and the registered email for each account.
Personal phone numbers and other sensitive data that were openly traded among hackers.
The victims were subjected to waves of phishing emails targeting the complete hacking of their accounts.
The mechanism of digital fraud and breach of the Microsoft 365 platform
Security reports issued in January explained the method used by hackers to access users' sensitive data through the following steps:
Innovative technical means to generate emails appearing to be officially from Google.
Bypassing protection systems and traditional spam filters to reach the main inbox.
Exploiting users' trust in trusted Google services to pass links leading to external pages.
Directing victims to a fake login interface that perfectly matches the design of the "Microsoft 365" platform.
Capturing usernames and passwords immediately upon entering them on the specially prepared hoax page.
Despite Instagram platform's firm denial of any breach to its systems and its assurance to users that their accounts remain secure, a state of confusion prevailed among experts and users alike during January.
While the company acknowledged a technical issue that allowed an "external party" to push the platform to send legitimate password reset requests, it did not provide clarifications about the identity of this party, which raised questions among security specialists.
In contrast, "Malwarebytes" doubted this denial, confirming through a post seen millions of times that the emails were a direct result of a data-selling process involving about 17.5 million accounts on a hackers' forum, indicating that the data could date back to a leak that occurred in 2024, according to the platform (BBC).
While other researchers believe it could be an old database compiled from public information in 2022, the prevailing technical advice remains to directly approach the app to secure accounts away from links, ensuring the highest levels of digital protection.
