How the heck I got hacked?

Status
Not open for further replies.

tiagocardoso

Regular Member
Oct 20, 2013
354
173
So, today I wake up with a lot of notifications on Instagram and I was surprised because I didn't post anything. So, I found out I was "hacked" - someone posted the typical scam of Elon Musk saying I'm giving away BTC and Elon Musk is cool, lmao... and they changed the privacy of my account to public.

My first instinct was deleting everything and check the login activity of my account, but everything was normal (?) weird, right? I also checked the apps connections, and nothing. Then, I checked if two factor was on, and it was!

So, it's super weird - how the heck they login in my acccount? I started searching online, but the only place people talk about this scam is on Reddit, but seems no one knows how the hackers do this. The pattern I found is almost all people who got hacked use iPhone and have Instagram on computer - maybe they got access with an extension of chrome or something like that!?

Someone here got hacked too before? How do you think these hackers do this? How to avoid?
 
Some of my friends also got hacked and post some random shit about lending money or something. I think your data got leaked by a website. I guess
 
So, today I wake up with a lot of notifications on Instagram and I was surprised because I didn't post anything. So, I found out I was "hacked" - someone posted the typical scam of Elon Musk saying I'm giving away BTC and Elon Musk is cool, lmao... and they changed the privacy of my account to public.

My first instinct was deleting everything and check the login activity of my account, but everything was normal (?) weird, right? I also checked the apps connections, and nothing. Then, I checked if two factor was on, and it was!

So, it's super weird - how the heck they login in my acccount? I started searching online, but the only place people talk about this scam is on Reddit, but seems no one knows how the hackers do this. The pattern I found is almost all people who got hacked use iPhone and have Instagram on computer - maybe they got access with an extension of chrome or something like that!?

Someone here got hacked too before? How do you think these hackers do this? How to avoid?
Looks like you have got a virus/trojan inside your device. I don't see any other explanation.
 
95% sure that you use your password / mail on multiple sites / services.
Once one got hacked they have access to almost all of your logins. (e.g. using SentryMBA or similar tools)
Thats why stay safe and use keepass.
 
Did you check the 3rd party apps permissions ?

Sure! Everything is normal.
Looks like you have got a virus/trojan inside your device. I don't see any other explanation.

That's kinda true. I'm checking everything now lol let's see...
95% sure that you use your password / mail on multiple sites / services.
Once one got hacked they have access to almost all of your logins. (e.g. using SentryMBA or similar tools)
Thats why stay safe and use keepass.
That's kinda interesting, because my password is 20 character and it's different from other places. Yet, to login, they need the factor authenticator XD weird as fuc*.
 
Sure! Everything is normal.


That's kinda true. I'm checking everything now lol let's see...

That's kinda interesting, because my password is 20 character and it's different from other places. Yet, to login, they need the factor authenticator XD weird as fuc*.

Using keepass the probability that you´re doing something unsecure is next to 0.
Since you´ll generate for every login a different password and even the passwords not containing any words or names.

But with 2 factor that´s extremly weird you got hacked, no idea how this could work. Your mail is hacked? Any Virus on PC?
 
Sounds like a cookie stealer, one of the most popular 'hacking' techniques, steals your chrome saved logins/passwords, and most importantly the cookies, so they don't even have to log in to instagram (thus bypassing the 2FA), only have to make requests using your session cookies.
 
Using keepass the probability that you´re doing something unsecure is next to 0.
Since you´ll generate for every login a different password and even the passwords not containing any words or names.

But with 2 factor that´s extremly weird you got hacked, no idea how this could work. Your mail is hacked? Any Virus on PC?
My password is kinda weird to decipher, but I guess it's not impossible yeah...
I'm checking now my computer - i already used rkill, Malwarebytes, adwcleaner and hitman pro and it's clean. I already checked my e-mail and no one got access (I have two factors active too). Weird :p i'm start thinking my iphone have something.

Sounds like a cookie stealer, one of the most popular 'hacking' techniques, steals your chrome saved logins/passwords, and most importantly the cookies, so they don't even have to log in to instagram (thus bypassing the 2FA), only have to make requests using your session cookies.

Hmmmm... interesting! And how we can check that?

Maybe you haven't been hacked...today is weekend, maybe you were drunk and started posting BTC giveaways

Ahahahah true story! But nah, I was literally sleeping lol
 
You probably got your cookie stolen, its like the hacker got a the same copy of browser as you are if its indeed then its not only instagram that is compromise all browser logins including Gmail, Youtube, Twitter and other sites that have your session cookies they can access.
 
You probably got your cookie stolen, its like the hacker got a the same copy of browser as you are if its indeed then its not only instagram that is compromise all browser logins including Gmail, Youtube, Twitter and other sites that have your session cookies they can access.

I already run hitmanpro, any idea of other software to clean that?
 
If I where doing this, I'd get your cookies (on the web app) and other such items that insta uses to verify its you to gain access to your account and somehow change the password through an exploit or just turn on 2fa and change ur password. Haven't looked around insta at all though, so take it with a grain of salt.
 
The Cookies method that they hacked with Linus tech tips Google accounts/Youtube might be at play in here as well
 
some time ago I used the same password to create logins on websites, it turns out that one of them leaked my password and many of these accounts were accessed by other people, it took a lot of work to change the most valuable ones for me, after that I started using a password for each site that I signed up for and never had this problem again, the same may have happened to you
 
Status
Not open for further replies.
Back
Top
AdBlock Detected

We get it, advertisements are annoying!

Sure, ad-blocking software does a great job at blocking ads, but it also blocks useful features and essential functions on BlackHatWorld and other forums. These functions are unrelated to ads, such as internal links and images. For the best site experience please disable your AdBlocker.

I've Disabled AdBlock