Instagram Archives – Gridinsoft Blog https://gridinsoft.com/blogs/tag/instagram/ Welcome to the Gridinsoft Blog, where we share posts about security solutions to keep you, your family and business safe. Fri, 06 Oct 2023 05:55:16 +0000 en-US hourly 1 https://wordpress.org/?v=64903 200474804 Protection Against Instagram Scams: What You Need to Know https://gridinsoft.com/blogs/instagram-scams-protection/ https://gridinsoft.com/blogs/instagram-scams-protection/#respond Thu, 08 Jun 2023 10:12:20 +0000 https://gridinsoft.com/blogs/?p=15065 Instagram, one of the world’s most popular social media platforms, turns out to be far from secure for its users. Serious security issues often arise, leading to the loss of accounts and personal data. However, the most unpleasant part awaits you ahead. When you try to recover your data, you’ll realize that the support is… Continue reading Protection Against Instagram Scams: What You Need to Know

The post Protection Against Instagram Scams: What You Need to Know appeared first on Gridinsoft Blog.

]]>
Instagram, one of the world’s most popular social media platforms, turns out to be far from secure for its users. Serious security issues often arise, leading to the loss of accounts and personal data. However, the most unpleasant part awaits you ahead. When you try to recover your data, you’ll realize that the support is not always as helpful as you wanted it to be. But how to protect yourself against Instagram scams? Let’s have a peek.

Phishing in Instagram

First and foremost, let’s review what do we have to deal with, precisely – which Instagram scams can you face. Phishing in Instagram is not significantly different from classic phishing. This attack involves malicious actors attempting to gain access to user accounts by deceiving them. Overall, it can be categorized into three types:

Fake messages

Probably, the most often case of Instagram scams is one which uses fake messages. These can be messages from fake stores offering barter deals (even if you have minimum followers) or from dubious persons with incredible offers. Often, these messages come from users with a username like @te2togwaste, who have only one follower, and claim that you have won a lottery, while sending you the profile of an original brand.

Fake offer Instagram
Partnership Proposal from a Fictitious Jewelry Brand

Another method is receiving messages from pseudo-Instagram support. It is likely that the message will be about an attempt to hack your account and a suggestion to click on a link to prevent it. Typically, such messages come from an unknown phone number or from someone like @instsupport002 directly in the app’s direct messages. In these cases, the goal is to trick you into providing personal information or clicking on a “magical” link with the same intention. You may not notice the scam effects first, but be sure – it will surface at some point. In its guidelines, Instagram asks to report such accounts and contact a real support if there’s a possibility of account compromise. This approach is right, but I have several other pieces of advice – so keep reading.

Investments scam accounts

Investment scam is certainly the most odious kind of a scam, that was depicted in movies and met by almost everyone. Among Instagram scams, it gained increased popularity since 2020, particularly during the cryptoboom. There is a chance of coming across an investment account with a decent audience of up to 20K. Such a number of followers can inspire trust. These accounts will offer “profitable investments” and “guaranteed success”, various pyramid schemes, and so on.

The methods used by these scammers to lure their potential victims may include sending private messages inviting them to participate in lucrative programs, offering individual consultations, or even showcasing “real profit” charts. These scammers create the appearance of reputable investment companies or successful traders. You may see professionally designed accounts, photos of luxurious cars, vacations at exotic resorts, and lavish houses. Though, it is worth noting that a couple of minutes of open-source intelligence will reveal you the ability to rent all this luxury stuff hourly or daily.

Instagram scams financial
Example of Fraudulent Financial Offer on Instagram

A characteristic trait of scammers of this type is phrases like “I don’t understand why people still use *something* and don’t know that you can make money from it…” or “How I made $1000 in just a couple of days.” And all for one purpose – to make you send them money. Crooks can ask for minor sums first, quickly inflating their demand to several thousand dollars. At the end, they either block you or simply ignore any questions regarding the deposit. If you detect such a profile – well, you cannot do a whole lot except contacting support.

Celebrity phishing

Or simply whaling. Judging by the name, it is clear that these Instagram scams use big fish as a bait, in this case, the pages of large network restaurants, celebrities, or trusted brands that the audience relies on. Scammers “borrow” some power from the image of who they try to mimic, and then use it to satisfy their nefarious desires, manipulations, and schemes.

Account owners will do everything possible to get rid of this fraudulent parody. Unfortunately, they don’t have a lot of options: either ask the audience to report the fake or to contact Instagram support. The latter, though, may be problematic, to say the least.

Instagram Support – Is It Effective?

You may have noticed that I mentioned contacting support as a prevalent option for any cases of Instagram scams. But, thing is, Instagram support may be frustrating to use. Alongside the phishing problem, another serious concern for Instagram users is the poor performance of the platform’s support team. Many users report the inefficiency and lack of response from the Instagram support. This problem persists for years, and have already created a lot of sour feedback from the users.

When users encounter problems such as account access loss or other issues, they obviously turn to Instagram support for help. However, many of them experience disappointment due to the lack of response, its slowness, or the inability to receive clarification regarding their problems. This creates an impression that the support team is either incapable or uninterested in resolving user issues. Naturally, this causes significant stress for users and jeopardizes their personal security and confidentiality.

What Can You Do?

Unfortunately, it is unlikely that Instagram will change its approach to this situation in the near future. However, here are a few tips to keep your personal data safe:

  • Set up two-factor authentication (2FA) for your account. Use a third-party authentication app like Google Authenticator or Microsoft Authenticator instead of relying on SMS messages. SMS-based 2FA can be vulnerable to hacker attacks. There are plenty of options for effective and secure multi-factor authentication – be sure to check all of them.
2FA Instagram
Guide on How to Enable Two-Factor Authentication
  • Use a strong password for your account. Avoid using obvious passwords such as “123456” or “password.”
  • Instagram allows you to review all the places and devices where you have logged into your account. If you notice unfamiliar sessions, such as from Vietnam where you have never been, immediately log them out and change your password.
  • Be cautious with messages from unknown users. Do not open links provided in such messages as they may lead to scam pages or contain harmful software.
  • It is important to remember that no legitimate company or trader will invite you to participate in investment programs through personal messages on Instagram.
  • Lastly, consider the possibility of using other social media platforms and apps that offer similar features. For example, Flickr, Imgur, Pinterest, or Retrica could be alternatives for you.

The post Protection Against Instagram Scams: What You Need to Know appeared first on Gridinsoft Blog.

]]>
https://gridinsoft.com/blogs/instagram-scams-protection/feed/ 0 15065
12 Instagram Scams to Know and Avoid in 2023 https://gridinsoft.com/blogs/top-instagram-scams/ https://gridinsoft.com/blogs/top-instagram-scams/#respond Fri, 30 Dec 2022 10:21:40 +0000 https://gridinsoft.com/blogs/?p=12898 Nowadays, it’s hard to find someone who has not heard of Instagram. Whether you use it to see what’s new with your friends or to kill time watching cat videos, the app has just about everything. However, besides entertaining videos on Instagram, some things can negatively impact your financial health. Cybercriminals couldn’t get past this… Continue reading 12 Instagram Scams to Know and Avoid in 2023

The post 12 Instagram Scams to Know and Avoid in 2023 appeared first on Gridinsoft Blog.

]]>
Nowadays, it’s hard to find someone who has not heard of Instagram. Whether you use it to see what’s new with your friends or to kill time watching cat videos, the app has just about everything. However, besides entertaining videos on Instagram, some things can negatively impact your financial health. Cybercriminals couldn’t get past this service and are using the app to scam people online. Today, we will look at the most common and relevant Instagram scams and find out how to detect, report, and avoid them.

The most common types of scams on Instagram

Since Instagram was founded, mobile scammers have devised many ways to scam users. From seemingly lucrative investment offers to fake job offers, scammers can try to carry out their dirty plans differently. Here are the most common and relevant scams on Instagram today that you should avoid:

Influencer scams

While many legitimate influencers on Instagram exist, not all influencers are the same. Some are fake accounts created to trick gullible users. Instagram influencer scams include accounts with fake followers and likes, racy profile pictures, and promoting investment opportunities or financial services. In some cases, it is possible that the account was once real but was hacked.

Phishing scams

Like classic phishing attacks, Instagram phishing scams come with a sense of urgency. You may receive an urgent direct message (DM) or email telling you to take action, or your Instagram account will be “suspended”. In such messages, scammers impersonate the official Instagram support account and try to convince users that your account is in danger. Such attacks are often accompanied by requests for personal information. This information may include your username and password and alerts that you need to check your account for “suspicious activity”. To avoid this, it’s critical that you keep all account information private from others. And remember, Instagram will never send you a message about your account.

Fake job scams

Unfortunately, many people lost their jobs during the pandemic. Fraudsters have tried to take advantage of the situation by promoting fake job postings on Instagram, and they’ve partly succeeded. Phony job scams often include messages from fake recruiters, links to artificial job applications, and requests for your personal information. However, once you give a so-called recruiter your confidential information, they can use it to steal your identity, emptying your financial accounts. In some cases, it has ended up taking over your Instagram profile.

Music promotion scams

This scam is much more specific and can apply almost exclusively to musicians. If you share music on Instagram, you may fall victim to music promotion scams. The music promotion scams usually start with DMs from fake music promotion accounts. If so, the scammers may ask for money in exchange for a promotional post, claiming they can help increase your music streams. Sometimes, these accounts have many subscribers, views, and likes. At first glance, it may seem like there are thousands of people listening to your music. However, these are often bot accounts. Hence these Instagram views will not lead to new listeners on streaming platforms.

Sponsorship scams

Fake sponsorship scams (sometimes called Instagram ambassador scams) on Instagram also use fake or hacked accounts. However, these accounts pretend to be legitimate brands instead of posing as an influencer. Similar to the previous points, signs of sponsorship scams start with DM from fake brand accounts, which often ask to pay them to advertise. They may also ask for your personal information and, in some cases, offer to be an ambassador. They may promise a free trip or discounted travel, such as for a private meeting or photoshoot. Such situations are often fake and are only used to steal your personal and financial information. All such contacts require a thorough analysis.

Lottery and giveaway scams

Another standard Instagram scam scheme is a fake lottery and giveaway. Typically, these scams are designed to steal your information by convincing you that you have won a prize or contest. First, they congratulate you in a direct message and tell you that you have won an award. Next, scammers ask for your personal information to send you a prize. Sometimes they ask you to follow a link that redirects you to an insecure website. Rascals sometimes hijack real accounts or pretend to be someone running a legitimate giveaway. That’s why it’s essential always to be careful and keep personal information private from someone you’re not sure about.

Crypto scams

These days, it’s almost impossible to be on the Internet without hearing about cryptocurrency. Unfortunately, scammers here also managed to take advantage of the situation to scam Instagram users. The main signs of a crypto scam on Instagram can be considered any DM from extraneous accounts is claiming they can make you rich. In doing so, they ask you for payment or personal information. The only thing that can happen to your investment if you contact such scammers is that you lose it.

Romance scams

Romance scams can make you and your account vulnerable to hackers. In addition, these scams can be frustrating, often causing emotional and financial pain. Here, too, it’s all classic, DM from a fake account, lengthy romantic communication, then requests for payment, gifts, etc. In such attacks, scammers use the most sophisticated lies and social engineering to manipulate you and extract your money and personal information.

Investment scams

Similar to crypto scams, many scammers target those looking for extra money. They will send DMs and offer investment opportunities, so it’s best to be wary of any cash exchange or get-rich-quick schemes. The red flags of this scam include DMs from people with luxury lifestyles and promises of wealth and financial success. In return, you will be asked for an initial investment, often using mobile payment apps. However, once the scammer gets your initial investment, you will never hear about him again, and he will continue to try to do so with others. Alternatively, the crook will convince you to make another investment, which is promised to cover the previous losses.

Fraudulent Instagram account

Fake product scams

And the most massive scheme is the counterfeit items and online shopping scams on Instagram. Such scammers often buy a promoted Instagram account with many followers, which makes them more convincing. The red flags of this scam are

  • Fake products ads
  • Heavily discounted prices compared to other stores
  • Links to questionable sites
  • Requests for personal information to complete the purchase

Not only that, once you’ve given the scammers your personal information, you could lose access to your Instagram account, could get a fake version of the product you ordered, or, even worse, they could steal your identity.

Paid subscription scams

Another scam you should look out for is paid subscription scams. Scammers may offer access to genuine subscription services at a reduced price in these scams. The red flags, in this case, are account advertising of a lifetime or discounted admission to subscription services, requests for payment and personal information, and links to fraudulent sites. Usually, these are popular subscription services such as Netflix, Spotify, or Xbox Live. Again, we recommend only subscribing to a subscription service on the official website.

Blackmail scams

Sometimes hackers can break into an Instagram account and try to blackmail you as a form of harassment or for financial gain. This is all accompanied by threats to reveal personal information and claims that the hacker has access to your files. However, the hacker may not even have any information he claims to have. These are common attempts to scare you into complying with their demands.

What to do if you were scammed on Instagram

To protect yourself and your Instagram account, follow these steps:

  • Don’t reply or click on links. Whenever you receive fraudulent messages on Instagram, the best solution is not to respond or click on any links.
  • Block the account. The scammer won’t trouble you if he realizes you won’t fall for his tricks. To block someone on Instagram, click on their profile, tap the three-dot icon in the top right corner of the screen and select “Block.”
  • Report the account. Follow the same steps above, but select “Report” and follow the instructions on the screen to let Instagram know the specifics of the scam.

Report Ad button Instagram

This way, you can protect yourself and help Instagram prevent fraud with these accounts.

How to avoid Instagram scams

To reduce the likelihood of fraud, follow these cybersecurity tips:

  • Use common sense. So it is if you’re offered a deal that seems too good to be true. Always be cautious and use common sense when communicating with other Instagram users.
  • Enable two-factor authentication. Using 2FA can help prevent outsiders from accessing your Instagram account, even if they gain access to your password.
  • Look for the confirmation check mark. If someone texts you from an account claiming to be an influencer or brand account, look for the blue verification check mark next to their name. Luckily, anyone on Instagram can’t buy it for $8, and it’s probably a fraudulent account if there’s no checkmark.
  • Don’t link your Instagram with third-party apps. In some cases, third-party apps may request access to your Instagram account. Before you say yes, research and ensure the app is legitimate, as some apps can collect and sell your data.
  • Make your account private. If you set your Instagram account to private, then only approved users will be able to view your account. You can do this by clicking “Settings,” selecting “Privacy,” and then turning on the “Private Account” feature.
  • Use strong passwords. If you don’t do this item, all others will go to waste. So to keep your Instagram account as secure as possible, it’s essential to use a strong password. This can help prevent scammers from hijacking your Instagram account through password spraying or other tactics.
  • Never click on suspicious links. In many cases, Instagram scammers may try to direct you to a malicious website. To avoid this, only click links you’re sure about.
  • Shop only from verified accounts. Since Instagram added the shopping feature, many companies have started advertising and selling products online. Unfortunately, scammers pretend to do the same. To be safe, buy only from verified accounts with a blue check mark.
  • Use an antivirus app. You can install an antivirus app on your mobile device for an extra layer of protection. This will help protect your phone from mobile threats, including viruses, malware, and spyware.

By following these tips, you can browse Instagram without worrying about scams.

The post 12 Instagram Scams to Know and Avoid in 2023 appeared first on Gridinsoft Blog.

]]>
https://gridinsoft.com/blogs/top-instagram-scams/feed/ 0 12898
“Get Rich With Bitcoin” Instagram Bitcoin Scams https://gridinsoft.com/blogs/instagram-bitcoin-scams-2022/ https://gridinsoft.com/blogs/instagram-bitcoin-scams-2022/#respond Thu, 13 Oct 2022 13:31:02 +0000 https://gridinsoft.com/blogs/?p=11067 Instagram is a vast social network with over a billion active users. Fraudsters do not miss the chance to develop clever schemes on this platform, to deceive users and steal data. These activities are often not run by hackers with high skills but ordinary people who want financial gain. In this article, we will talk… Continue reading “Get Rich With Bitcoin” Instagram Bitcoin Scams

The post “Get Rich With Bitcoin” Instagram Bitcoin Scams appeared first on Gridinsoft Blog.

]]>
Instagram is a vast social network with over a billion active users. Fraudsters do not miss the chance to develop clever schemes on this platform, to deceive users and steal data. These activities are often not run by hackers with high skills but ordinary people who want financial gain.

In this article, we will talk about Instagram Bitcoin scams, as cryptocurrency and its activities have become popular worldwide. To avoid becoming a victim of fraud in this area, we will guide you on what Instagram Bitcoin scams are and how to protect yourself and your money from them.

Common Instagram Bitcoin scams

There is no end to people complaining on Facebook about losing their money to Bitcoin pyramid schemes. As for Instagram, there is a growing market of scams promising users to get rich quickly. These scams include Get Rich Quick Bitcoin Pyramid and Cash Cow Pyramid Schemes.

1. Big wins, short timespan:

People who talk about making large returns on smaller investments or pressure to transfer money quickly are warning flags. Anyone contacting you about a “Bitcoin mentor” should be avoided.

fake bitcoin offer
Example of large returns on smaller investments

2. Could you send me the money?

Investing funds in someone else’s digital wallet via purchasing cryptocurrency is a waste of time and money. This is similar to a request to give a loan to a stranger, without anything to guarantee a return.

3. Hostage-style scams to cryptocurrency:

Many videos on success claims made by Bitcoin are creepy videos produced by previously scammed people. Users are asked to record videos in exchange for rewards in bitcoins or fiats. Advertisement of such offers is spread on Instagram, which is senseless and untrue.

4. Changes in circumstances:

If you are asked to change the username and password of your account to the one that will send you, then the scammers are trying to get access to your profile on Instagram. In the future, fraudsters can perform unauthorized actions on your behalf, and you will not be able to influence them. So make up your passwords and logins that only you will know.

email was changed

How To Protect Yourself from Instagram Scams

• Double check the URL

If any unauthorized activity or something else occurs on your Instagram account, notifications about this will not come to your app. To avoid falling victim to fraud, check the official messages on Instagram that have been sent over the past 14 days. To do this, click "Settings". But if you have doubts that your account has been compromised, go into your "Settings" and click "Login Activity".

• Find the verified blue check mark

Official Instagram and celebrity accounts are often marked with a blue tick next to the user name. If you notice that you are being contacted on behalf of some brand, but this account is not confirmed as official, then it is likely not legitimate. If you want confirmation of whether this account is official, go into their profile and select "About This Account."

• Enable two-factor authentication (2FA)

Enabling two-factor authentication means that whoever logs into your account must pass an additional checkpoint. This means that after you enter your login and password. You will receive a confirmation code as a text message or e-mail. You will need to enter this code, and then you can log in to your account. In addition, 2FA also provides fingerprint or facial verification or a question you can only answer.

• Never trust the strangers with your money

Trusting someone with money is the last thing you need to do on social networks. Don’t be fooled if you’re offered something to do, publish a post, or make a video in exchange for a cash reward. This is most likely fraud, so you can compromise yourself, give bad reviews to others, and give out your payment and confidential data for money transfers, etc.

“Get Rich With Bitcoin” Instagram Bitcoin Scams

The post “Get Rich With Bitcoin” Instagram Bitcoin Scams appeared first on Gridinsoft Blog.

]]>
https://gridinsoft.com/blogs/instagram-bitcoin-scams-2022/feed/ 0 11067
Facebook explained reasons for the global failure https://gridinsoft.com/blogs/facebook-explained-reasons-for-the-global-failure/ https://gridinsoft.com/blogs/facebook-explained-reasons-for-the-global-failure/#respond Tue, 05 Oct 2021 14:23:36 +0000 https://blog.gridinsoft.com/?p=5989 Yesterday, Facebook, Instagram and WhatsApp did not work for more than five hours around the world and after fixing the problems, representatives of the social network explained the reasons for the global outage. The failure was caused by a BGP routing issue. Currently, all services are already operating normally. Amid problems with access, rumours of… Continue reading Facebook explained reasons for the global failure

The post Facebook explained reasons for the global failure appeared first on Gridinsoft Blog.

]]>
Yesterday, Facebook, Instagram and WhatsApp did not work for more than five hours around the world and after fixing the problems, representatives of the social network explained the reasons for the global outage.

The failure was caused by a BGP routing issue. Currently, all services are already operating normally.

Amid problems with access, rumours of hacking and a colossal data leak began to spread across the network: the company was allegedly hacked and the information of 1.5 billion Facebook users was leaked to the network. This information turned out to be a lie.

Crash

On October 4, at about 6 pm Moscow time, Facebook, Instagram and WhatsApp went offline around the world. Apps didn’t work and browsers showed DNS error when trying to connect to sites. An attempt to connect directly to Facebook’s DNS servers also failed.

Facebook explained reasons for the failure

At first, it seemed that the problem was related to DNS, but later it turned out that everything is somewhat worse.

As experts including Giorgio Bonfiglio, head of Amazon AWS Technical Support, explained, Facebook’s routing prefixes suddenly disappeared from BGP routing tables, making it impossible to connect to any services hosted on those IP addresses.

As it turned out later, when social networks started working again, the experts were completely right. Facebook officials issued an official press release stating that the crash was caused by an error while changing the configuration of the backbone routers.

Our engineering teams found that configuration changes on the backbone routers that coordinate network traffic between our data centres caused problems that interrupted communications. This disruption to network traffic had a cascading effect on our data centres, making our services unavailable.wrote Santosh Janardhan, VP of Engineering and Infrastructure, Facebook.

It also reported that configuration issues have impacted the company’s internal systems and tools, making it even more difficult to diagnose and recover. It is worth saying that yesterday, numerous anonymous sources in the media and social networks reported that Facebook employees were not able to quickly get into their own data centres and access critical equipment, since real chaos reigned in the company itself due to a failure.

For a better understanding of what happened, Bleeping Computer explained that BGP (Border Gateway Protocol) is the routing protocol on which the entire Internet operates, it allows devices on one side of the world to connect to devices on the other using routes (prefixes).

To make it easier to understand: BGP is similar to the “mail system” of the Internet, facilitating the transfer of traffic from one (autonomous) system of networks to another. When a network wants to be seen on the Internet, they must communicate their routes or prefixes to the rest of the world. If these prefixes are removed, no one on the Internet knows how to connect to [Facebook] servers.said Lawrence Abrams, head and founder of Bleeping Computer.

Because Facebook configured its entire organization to use a domain registrar and DNS servers hosted on their own routing prefix, when the prefixes were removed, no one could connect to those IP addresses and the services running on them.”Facebook developers have already apologized for what happened:

Anyone affected by our platform disruptions today: sorry. We know that billions of people and businesses around the world depend on our products and services and must stay connected. We appreciate your patience.

Interesting consequences

  • Pavel Durov said that amid global shutdown of Facebook, Instagram and WhatsApp, Telegram’s audience increased by 70,000,000 people in one day. Durov greeted new users and promised that Telegram will not fail when others fail.
  • According to Haystack analysts, during the five-hour outage, developer activity increased significantly: the number of pull requests increased by 32%.

Fake leak

During the global shutdown of Facebook and other services of the company, a real panic arose on the network. The fact is that many media outlets reported that the failure did not occur by accident, the company was allegedly hacked, and now the personal data of one and a half billion users of the social network are sold on the darknet.

A huge (about 600 TB) dump that actually appeared recently on the RAID forum, allegedly contains names, email addresses, phone numbers, IDs, gender and user locations.

Facebook explained reasons for the failure

The problem is that this dump went on sale at the end of September, and the data, apparently, was collected using scraping (that is, collecting and aggregating already open data). Such databases appear on the black market regularly. Moreover, as noted by Vice Motherboard, other members of the hack forum have already accused the seller of fraud.

Scamer. Sends only [data sample] 20 users. No more. Doesn’t accept escrow (moderator). But he expects you to believe in the [reality] of these 20 samples and send him $5,000. Instead of 1.5 billion, I think it has data from 150 users for social engineering.writes one of the forum participants.
Hahahaha 600 TB of Mark Zucker’s burger selfies: D.another RAID user laughs.

Researchers at PrivacyAffairs report that while the seller is trying to deny these allegations and continues to claim that the data is genuine, but there is little faith in this, as many researchers and information security journalists note.

Let me remind you that I also said that Information of 533 million Facebook users leaked to the public.

The post Facebook explained reasons for the global failure appeared first on Gridinsoft Blog.

]]>
https://gridinsoft.com/blogs/facebook-explained-reasons-for-the-global-failure/feed/ 0 5989
Hackers hide MageCart skimmers in social media buttons https://gridinsoft.com/blogs/hackers-hide-magecart-skimmers-in-social-media-buttons/ https://gridinsoft.com/blogs/hackers-hide-magecart-skimmers-in-social-media-buttons/#respond Mon, 07 Dec 2020 20:59:50 +0000 https://blog.gridinsoft.com/?p=4824 Sanguine Security analysts discovered that hackers are using steganography and hiding MageCart skimmers in buttons designed to post content to social media. Let me remind you that initially the name MageCart was assigned to one hack group, which was the first to introduce web skimmers (malicious JavaScript) on the pages of online stores to steal… Continue reading Hackers hide MageCart skimmers in social media buttons

The post Hackers hide MageCart skimmers in social media buttons appeared first on Gridinsoft Blog.

]]>
Sanguine Security analysts discovered that hackers are using steganography and hiding MageCart skimmers in buttons designed to post content to social media.

Let me remind you that initially the name MageCart was assigned to one hack group, which was the first to introduce web skimmers (malicious JavaScript) on the pages of online stores to steal bank card data. Surprisingly, this approach turned out to be so successful that the group soon had numerous imitators, the name MageCart became a household name, and now it is assigned to all the class of such attacks.

Steganography means hiding information within another format (for example, text within images, images within videos, and so on).

In recent years, the most common form of steganographic attacks has been hiding malicious payloads within image files, usually in PNG or JPG formats. Sanguine Security researchers tell.

Operators of web skimmers also did not stay away from this trend and hid their malicious code in website logos, product images or in the favicon of the infected resources.

Now, Sanguine Security experts write that SVG files, rather than PNG or JPG files, are used in new attacks to hide malicious code. Most likely, this is due to the fact that recently, protective solutions have become better at detecting skimmers in ordinary pictures.

In theory, it should be easier to detect malicious code in vector images. However, the researchers write that attackers are smart and designed their payload with these nuances in mind.

The malicious payload takes the form of an HTML “svg” element using the “path” element as a container for the payload. The payload itself is hidden using syntax that resembles the correct use of the “svg” element.says the experts' report.

According to experts, hackers tested this technique back in June, and it was discovered on active e-commerce sites in September, with malicious payloads hidden inside buttons designed to publish content on social networks (Google, Facebook, Twitter, Instagram, YouTube, Pinterest etc).

In infected stores, as soon as users navigated to the checkout page, a secondary component (called a decoder) reads the malicious code hidden inside social media icons and then downloaded a keylogger that would capture and steal bank card information from the checkout form.

What could be next, I told, for example, in a note: Magecart groupings extract stolen cards data via the Telegram.

The post Hackers hide MageCart skimmers in social media buttons appeared first on Gridinsoft Blog.

]]>
https://gridinsoft.com/blogs/hackers-hide-magecart-skimmers-in-social-media-buttons/feed/ 0 4824