Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. The compromised account began sending direct messages to followers containing what appeared to be discount codes for popular brands, but instead directed users to convincingly designed credential-harvesting websites. Analysis revealed that this operation bears hallmarks of the financially-motivated threat actor tracked as TA505, known for their sophisticated social engineering tactics and banking malware deployment. The unnamed lifestyle blogger’s account was compromised on Monday, with attackers using their trusted platform to distribute malicious links disguised as exclusive promotional content. The Instagram Security Team has since regained control of the influencer’s account and is working with cybersecurity experts to analyze the full scope of the compromise. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news. The attack employed a multi-stage approach, first compromising the influencer’s account through a spear-phishing email that mimicked an Instagram copyright violation notice. Once in control, the attackers methodically sent personalized messages to the account’s most active followers, creating a sense of urgency around limited-time offers that required immediate action. Tushar is a Cyber security content editor with a passion for creating captivating and informative content. A prominent Instagram influencer with over 2.5 million followers became the unwitting host of a sophisticated phishing campaign this week. This script creates an invisible overlay atop legitimate banking login forms, capturing credentials in real-time and transmitting them to attacker-controlled servers. Users who may have interacted with suspicious links are advised to immediately change banking passwords and enable two-factor authentication on all financial accounts. The attack chain ultimately delivered a JavaScript-based payload that covertly harvests banking credentials. The malware employs sophisticated evasion techniques, including checking for debugging tools and virtual environments before executing its payload. “What makes this attack particularly concerning is the exploitation of trust between influencers and their followers,” explained Dr. Kaspersky researchers identified the campaign after several victims reported unauthorized banking transactions.
This Cyber News was published on cybersecuritynews.com. Publication date: Tue, 06 May 2025 14:25:05 +0000