
(Re)Hacked Instagram account even if Two Factor authentication was enabled

Çağlar Arlı      -    9 Views

A friend of mine, let's call her Alice, had an Instagram account that was hacked. She uses an iPhone. The scenario looks like this:

  • Alice gets a link from a Business Account via WhatsApp, and clicks it
  • The page was simulating the Instagram login page, and she entered the credentials and submitted the form. The provided data was:
    • Instagram Username
    • Instagram Password
    • Instagram Email
  • At this point, the attacker got access to her account and changed the email and password, hence Alice was not able to access the account anymore.
  • Alice pays the attacker to give her the password, and
  • Alice changes the email, the password, enables 2FA authentication and in the security pages logs out all the other devices, and disconnects Facebook from Instagram
  • After a couple of hours, the attacker has access to her Instagram account again.

What we have tried:

  • Forgot password:
    • via old email, does not work because the email is not associated with any Instagram account
    • via phone number, logs her into another account (about Vegan Recipes)
  • The Instagram support form does not appear when accessing "Forgot password", even from the phone (the device she used a couple of hours before the attacker got access again), hence she cannot report the account as hacked.

How did the attacker get access the second time, even after changing the password and activating the 2FA authentication?

Is there any hope for Alice to recover the account?