Use of mobile phone in trendy neon lights. Creative vivid color of ultraviolet red and blue. Hands of Teen Girl scrolling up photos Close-up at dark neon room. App for sale in shop. Social media.
16.11.2022 06:47
News
#risks

Entrepreneur recovers hacked Instagram by negotiating directly with hacker

Nina Laasonen, from Tampere, managed to recover her business’s hacked Instagram account. She explains what the experience taught her.

The Instagram account of the You Name It Oy company was hacked last June. The business received a scam message claiming to come from Instagram support. The message said the company had committed copyright violations and asked the business to verify its Instagram account. You Name It Oy sells personalized gift items.

“Because I’m not the only one who updates our Instagram account, there are often sign-in requests on the account. Because of that, I unfortunately ended up following that link quite routinely without so much as a second thought,” co-owner Nina Laasonen says.

The message the business owner fell for.

Soon after, the company was signed out of its Instagram account. The hacker changed the password and soon approached the business owner asking for €300 to restore the account. Laasonen attempted to contact Instagram’s maintenance staff, but without success.

Hacker approves offer

Laasonen found out that there are “helpful hackers” on Instagram who help restore hacked accounts by hacking them in exchange for payment. She contacted one such hacker.

“They promised to help us, but said it was a difficult job and said it would cost €1,500.”

Nina Laasonen

Laasonen did not agree to this. Unexpectedly, the original hacker got in touch again and said they wanted to deal directly with Laasonen.

“That’s when I realized I could negotiate with the original hacker.”

The negotiations went well: the hacker accepted her offer of restoring the account for €50. Laasonen made the payment via a known intermediary. She could not be sure the hacker would return control of the account once they had received the money. However, they did.

“They even helped me restore the account. I got a code I entered on Instagram and soon after that, the account was up and running.”

Spending on ads down the drain

After the hack, the name of the You Name It Oy Instagram account was changed and displayed to users as Stern123. Laasonen says this caused some reputational damage. Before the hack, the company had bought a paid promotion from Facebook, which was also shown on Instagram. During the hack, for a few weeks, the ads were displayed under the false trading name.

“I wouldn’t recommend paying the hacker, because there are no guarantees of them returning the account to you.”

Nina Laaksonen, business owner

“I wouldn’t recommend paying the hacker, because there are no guarantees of them returning the account to you.”

Nina Laaksonen, business owner

Before the hack, the account had around 3,000 followers. When the account was returned, those followers were still there, but Laasonen had to “revive” the account to reignite the followers’ interest.

“The lesson I learnt from the hack was never to turn over your password to anyone. It also crossed my mind that our online store could have been hacked, which would have meant a much greater financial loss. This hack only involved Instagram, at least.”

Despite successfully recovering her account, Laasonen does not recommend the same tactic to everyone.

“I wouldn’t recommend paying the hacker, because there are no guarantees of them returning the account to you. I’ve heard stories of hackers instructing people to pay by card using a link designed to skim the card details. It’s worth considering the amount of money you’d be ready to pay for your account in principle.”

Pauli Reinikainen