Answer the question
In order to leave comments, you need to log in
Suspicious instagram login, hack or system bug?
Hello, to be honest, there is some kind of devilry going on, there is no other way to say it. In general, today I found an input from an external device from an undefined location, that's okay, you might think well, they hacked with anyone, but there are a number of oddities
1) this input is displayed only in a letter in the mail and in the sent letters section in the application itself. Neither in the account login section, nor in the data access -> logins / logouts section, this activity is reflected, although entries in the latter cannot be edited and deleted
2) there is two-factor authentication, but with this activity there was not even a hint of SMS
3) the absence of any location at the entrance, even if a vpn or proxy was used, at least some location should be determined
4) no requests to change the password, phone, email have been received, the email also checked no extraneous activity.
Here I sit, smoke and think what the hell, I can’t express it differently
Answer the question
In order to leave comments, you need to log in
Hello.
This is not an entrance, but an attempt to enter - the difference is significant. To enter, you need to know your login / phone / mail + password, and if the data is correct, then you get into your account (maybe 2FA, but that's not the point). An attempt is when your username / phone / mail is entered in the login / password fields, but the password is some kind of random, or someone mixed up the accounts. When an attempt occurs from another device and from another city / country, the system sends a warning to the mail about this.
What I advise you to do:
00 - open the letter that came to the post office and open its source code (there will be technical data);
01 - check fields: Message ID
, From
, SPF
, DKIM
, DMARC
;
02 - Instagram sends its system messages from @mail.instagram.com, in this case, the mail should be [email protected]
;
03 - in the SPF field you will see the IP address - check it through this service ("Information" button);
04 - for safety, you can request a password reset yourself in order to receive a legitimate letter from the system, and compare the data from two letters (it is not necessary to change the password itself - you only need a letter);
05 - then check your account settings: these (all messages sent to you by the system), these (if there are any new applications in the list) and these (phone and mail).
A very similar situation, comrades.
Started the other day, so hurriedly registered to share.
I have even more oddities.
There is a two-factor, but today a window popped up in the application with "We detected an unusual login attempt, Moscow, confirm that it was you ... It's me, it's not me." In time, the conclusion suggests itself that it is neither me nor my device. My IP is not Moscow. There were no SMS. The entry section is naturally empty. Also in the first days of February, a notification came to the mail about the entrance in general from the city of Cheboksary, with Chrome Android. I didn’t make such inputs, and the strangest thing, like the author’s, is the SMS that didn’t come about a two-factor. I tried to replicate these two phenomena in different ways, and it was not possible to cause this either from a VPN or from different devices.
It is impossible to pick up my password (for example, knowing the old ones), this password was not used on other sites, phishing is brushed aside, because before these two seemingly impossible oddities, I changed my passwords. And all these anomalies began with a suspicious entry (“it was me, it wasn’t me”) in my empty account. That empty account was without two-factor, the password is also unique, suspicious login device: web version of the desktop (again, it couldn't be me). I wasn’t scared for that account, because I was able to call up such a window (it was me, it wasn’t me) simply by entering my data, but from a new device - I opened a window with confirmation of the number, and on the main device the same “this is me ,it's not me". Of course, I was surprised, and that is why I changed passwords everywhere. Then someone sent a link to restore my _main_ account, the message was not read, as if someone had just entered on purpose and pressed forgot the password on Insta - nothing strange, I thought, double-checking whether everything was fine with my protection. And after that, those two inexplicable oddities happened, which I myself could no longer repeat and call. I have been going through the explanations for several hours, but so far I have not found them.
Total. Points 1, 2 and 4 of the author coincide under the net. But the locations of suspicious entrances are determined. And the situation that is alarming is the sent request for account recovery, which was not read by anyone (which means that the mail was and remains protected). Which means it's more like there's someone on the other side. And not just a bug with mailings and inputs from Insta itself.
UPD. This is tin. I continued to look for the same people as me and the author, after the message m0ze that supposedly this is a frequent occurrence now. I found a small connection - this is a recently purchased phone from everyone who has such a tin. Embedded virus?
Exactly the same situation. There is an active discussion on peekaboo (more than a month). There are already many of us.
I do not know, you can leave a link to a third-party resource. I'll take a chance: https://pikabu.ru/story/povtoryayushchiesya_popyit...
As the previous commentator noted. The problem is serious and there is no response from technical support. I propose to stick together
I go to this social network from the phone and from the computer, this problem was very annoying because I had to constantly change the password. As a result, I read what users on the network write about it. The problem is very common. Moreover, this is not a prevented attempt with your password, no, it's just an attempt. Now every time I just confirm, whether it's IP from St. Petersburg or Dubai. Flight is normal.
I have a similar situation.
Worth two-factor protection. At 8:37 I received a letter about a new login to my account. Not an attempt, but an entrance, so it was successful. There was no SMS. The only difference is the city. Not mine.
It was definitely not me, because I was sleeping at that time.
In the list of inputs in instagram this input is not.
A similar situation was a couple of times before, also new logins to the account from another place, without SMS, every time after I changed the password, but the situation repeated itself.
Searching for the causes of the problem has so far turned up nothing.
The device I'm using is not new.
Now I remember, the problem started just after I put two-factor protection. While she was gone, such letters did not come.
This happened to me, too, just a few hours ago and before that several times, starting in December. I have three devices. Desktop (web), iOS, Android. Locations that are in letters or in alerts from Instagram: a couple of times not from Russia, several times from different cities of Russia, and random cities. After the first time it happened, I decided to install 2FA. But it still happened a few weeks later. Suspicious inputs were displayed several times in the application, several times in the mail. And no SMS codes came. Moreover, it is strange that there is nothing suspicious in the login activity, in the active session (there is no other person's device, there is no history of changing the password or phone or email address not from me). In general, very strange. It looked like it was with friends. It was also not possible to trace the special logic, in addition,
Oh, la, classic situation.
On December 30, 2020 it all started. I'm sitting, an alert comes, they say, an attempt to enter 'it's me, it's not me'. I don't remember the exact geo.
Okay, I think it’s an accident and I don’t seem to have any haters.
On January 10, 2021 at 7:19 a.m., a similar situation is repeated. Geo: India.
01/18/2021 at 12:28, geo: Turbo, Colombia.
01/28/2021 at 01:36, geo: Dhaka, Bangladesh
02/05/2021 at 16:16, geo: Zelenogorsk, Russia.
After the second time, I began to analyze, to look for a connection between the dates, but it was useless.
On the 5th, when my patience ran high after the last time, I opened pandora's box and decided to post it on tik tok. The video got 80k views and gathered 300+ people with the same problem. Someone keeps saying that this is just a brute force bot. Someone writes that Facebook leaked data, and someone that it's just a bug.
02/09/2021 at 02:40 was signed in through the xiaomi redmi 7A device, geo: Moscow. Only a message came to the mail, there was no notification saying I / not me. Two-factor included.
In general, it is not clear what it is, but the fact is that this problem is really global and it is strange that measures have not yet been taken on this matter.
these mobile applications are a breeding ground for vulnerabilities. My iPhone and devices that are nearby have been hacked. Strange, but true: everyone has remote access programs installed ...
Most likely, someone is leaking data. In Russia, simply no one will protect personal data and ordinary people, so thieves thrive
Today my wife's acc was taken away (10 thousand subscribers)!
It all started on Sunday, but they managed to fill out the account loss form there before they changed the profile name. Today they somehow changed the profile name, passwords and no SMS went through. hacking was in the morning, but alerts came only to the mail. Right now we can’t even figure out what the name of the new profile is, since their attackers changed it during the day, but right now it shows it empty. The appeal to the TP has not yet yielded any results
Today I was looking for channels in the telegram and noticed several bots for hacking instagram, facebook, vk, etc.
There were no bots before, here are the names of some of which I found: @inst_hacked_truebot and @hacked_inst_truebot
As I understand it, they were created by the same user.
I don't have an instagram, but SMS with the code still comes.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question