Experts engaged in ransomware removal have found that a popular social media website is bearing the latest brunt of ransomware. Instagram is facing a combination of phishing campaigns and ransomware attacks. Some victims have also been reported to have paid a significant sum for getting access back to their login accounts.
The hacked profiles are usually social media influencers that command a huge list of followers. Prominent Instagram influencers receive contracts from famous brands for marketing their products. These accounts then become their source of income.
Usually, in such cases, a cybercriminal poses as an official spokesperson from a reputable organization and contacts an Instagram influencer. Communication is initiated and devised in a cunning format that ends with an opportunity for an alliance with the organization.
Subsequently, the cybercriminal forwards a malicious hyperlink that appears as the profile page for the (fake) organization. As users type their login information to access and follow the organization’s page, their login credentials are saved and sent to a server. The server is located in a remote hideout of the cybercriminals.
Afterward, the cybercriminal reveals their true face and forwards a threat. The threat acknowledges the theft of the victim’s account. A 3-hour time limit is provided for ransom payment that must be paid in the form of Bitcoins.
For some people, the prospect of losing a social media account may not sound too daunting. Instead, they might completely ignore the demands of cybercriminals and register a new account. However, for social media influencers, these accounts are the result of their countless hours of hard work and effort. The thought of losing this work ––thousands of followers, memorable social media posts and interaction with others –– is enough for them to pay high ransom amounts for ransomware removal so their account access can be returned.
