- The Washington Times - Tuesday, September 5, 2017

Cybercriminals selling access to a hacked Instagram database containing the contact information of the app’s biggest users claim to have already made more than $4,000 in spite of efforts to keep them offline.

The phone numbers and email addresses associated with Instagram’s high-profile account holders were recently compromised as the result of a software bug, and cybercriminals launched a website last week letting customers query the database for $10 per search.

The site, Doxagram, has been booted off at least two different web addresses since launching last Thursday, and Instagram and its parent company, Facebook, have registered hundreds of different domain names involving “Doxagram” ranging from doxagram.lol to doxagram.org in a effort to to keep the service from reemerging elsewhere with the same name, The Daily Beast reported Tuesday.

Despite the tech titans’ effort, a Doxagram administrator said the service generated over $4,100 in its first days days of operation.

“I’m pretty satisfied, especially considering most of it was over the weekend,” the person told The Daily Beast for Tuesday’s report.

Doxagram was still online Tuesday afternoon on the dark web, an unindexed and difficult-to-regulate portion of the internet typically accessed using specialized browsing software.

Neither Instagram nor Facebook responded to questions involving Doxagram, but an Instagram spokesperson acknowledged the service in a previous statement, The Daily Beast reported.

“We now also know that some individuals are attempting to sell the contact information that was obtained. We take people’s security very seriously and are working closely with law enforcement on this matter.”

Instagram warned its high-profile users Wednesday that the contact information of certain account holders had been compromised as the result of a bug affecting its API, or application programming interface. No passwords were leaked as a result of the bug, Instagram said, but cybercriminals could potentially exploit the exposed contact information nonetheless.

“We encourage people to be vigilant about the security of their account and exercise caution if they encounter any suspicious activity such as unrecognized incoming calls, texts and emails,” Instagram said.

Instagram boasts about 700 million registered users, including 375 million daily users. Doxagram’s stolen database includes the contact information for about 6 million Instagram users, according to its administrator, including accounts associated with President Trump and soccer star Cristiano Ronaldo, among others, The Daily Beast reported.

Copyright © 2018 The Washington Times, LLC. Click here for reprint permission.

The Washington Times Comment Policy

The Washington Times is switching its third-party commenting system from Disqus to Spot.IM. You will need to either create an account with Spot.im or if you wish to use your Disqus account look under the Conversation for the link "Have a Disqus Account?". Please read our Comment Policy before commenting.


Click to Read More

Click to Hide