So I've been secretly in a cold war with some weird crypto bros for like 6 months now, and worryingly in the last couple days it's looking like they've won. They wanted my Instagram handle, and somehow they've now got it. Without my consent. And it's kinda scary. Strap in for a toot storm (is that what we call it?) [1/16]
So it started around 6 months ago with a DM on that other place, it was from someone who claimed to be a "brand influencer" or whatever, with NFT profile pictures abound. They wanted to buy my Instagram handle for some stupid amount of money. I ignored it, because that's against the Insta ToS, and I didn't trust them anyway so what was the point in engaging. [2/16]
Over the following 6 months I proceeded to get more messages, in different venues, from different users offering the same thing. It got to the point where they found my husband's blog, found the contact form, and messaged him! Kinda desperate. [3/16]
I continued to ignore the messages, and started to find it kinda funny. The idea they wanted it so much and just couldn't understand why I wasn't replying to them was just... really funny to me? Satisfying. I don't owe them anything, right? [4/16]
So things changed last weekend. I opened Instagram on a whim and found I was signed out. Weird. I try to sign in and find the password and email on my account have changed. That's not good. At this point you're probably thinking "he had a weak password" or something, so let's briefly talk about the security on my account. [5/16]
It had a strong, unique, @1password generated password. It had 2FA enabled (with 1Password). It was also connected to my Facebook account, which also had a strong, unique password and 2FA. The email address is my Fastmail account at my own domain, protected with a st... you get the idea. [6/16]
So, back to last weekend. When they compromised the account they made one mistake: they didn't disconnect my Facebook account. I was able to sign in with Facebook, get the email changed back, change my password, replace the 2FA with a new one, disable password reset emails. [7/16]
At this point I was kinda worried, because I didn't know how they got in. I tried to contact Instagram but of course there's no way to do that. I took every step I could, audited my Facebook access logs in case they got in that way. But it didn't feel like I actually succeeded in plugging any holes because I didn't find any. 🤷🏻‍♂️ [8/16]
Now it gets interesting: Instagram say if the email on your account is changed you will receive an email from [email protected] where you can reverse the change. I didn't receive that. I've checked the Fastmail logs and am absolutely certain that account has not been compromised. Not only that but Instagram have a complete log of emails they've sent you in the account settings and when I got back in to the account there was no record there of them sending me that email. [9/16]
What else can I do? I forget about it and move on with my life. Fast forward to last night, I open Instagram and I'm signed out. They got in again. And this time they've disconnected Facebook, changed my handle, and created a new account that's claimed my old handle. This is interesting because Instagram say you can't claim a handle from an account that's recently changed their handle (I've heard 30 days floated, but can't find official confirmation of that) [10/16]
Once again: no email, no sign my email has been compromised. The only theory I have right now is that they had someone inside Instagram do it. Maybe they paid that person what they offered me? [11/16]
So you're maybe thinking "Instagram must have a process for this, something you can do when your account is hacked?" and the answer is... kinda, but also it's completely useless. You follow the account hacked form on the website and it just endlessly redirects you to the "I need help logging in" page. If I follow the "I can't login" process for the handle they stole Instagram wants me to enter a previous password for the account, which I can't do because it's brand new (I tried). [12/16]
If I follow that for what they changed my handle to (which I guess is now my account) then they accept my password but want to send a login code to the email they changed my account to. How does that help?! I can find no way to contact a human, there is no other process to follow. I'm out of options. Stuck unable to get into the account that stole my handle or my original account. Totally locked out. [13/16]
The stupid part is I don't even care about my Instagram handle. I barely use Instagram these days, and the handle alexprice isn't one I use anywhere else; it reflects my pre-married name, so doesn't feel much like me anymore... but it's the fucking principle of the matter. It's my account and I don't want these asshole thieves to win... and right now, it looks like they have. [14/16]

To be fair to the weird crypto bros, I have no proof they are connected to whoever has compromised my account... but it's hardly a big leap is it?

If you're curious, here's my account with the bullshit handle I didn't pick: https://www.instagram.com/alexprimediallc/

And here's the account with my stolen handle: https://www.instagram.com/alexprice/ [15/16]

That's all I got. I'm stuck, and it seems like they've won. If you have any theories on how they did this, or you know anyone at Meta who could help; please get in touch with me! Hope you enjoyed reading this mess. ¯\_(ツ)_/¯ Please boost the first post in this thread in case someone out there can help me! [16/16]
One thing I did try is filling out the "Report an account impersonating you" form, which is clearly not intended for the purpose I used it for, but was the only approach I could find that seemed to let me write text in a box that presumably a human at Instagram will see. So far I've only received some generic form responses, but fingers crossed that'll yield some results. 🤞

Apparently I’m on the front page of Hacker News now 😆 https://news.ycombinator.com/item?id=34547773

I’ve had a couple of Meta folks reach out, so I’m cautiously optimistic I might get somewhere? Fingers crossed the thieves won’t win in the end! 🤞

Amusingly, this thread has seemingly caused people to start following me on Instagram, on an account I cannot access, and yet I’m still getting push notifications for! ¯\_(ツ)_/¯

Two quick updates on my Instagram drama:

I'm not back in my account just yet, but it appears my account is back in its rightful place at https://www.instagram.com/alexprice/ so it looks like wheels are turning.

The second update I actually think is more interesting, and raises some more questions / mystery...

Remember I said I seemed to be gaining Insta followers from this and I could tell because I was still getting the push notifications? My Instagram account has gained over 500 followers in the last 12 hours. And they all have a pretty suss bot kinda vibe. Did the attackers also pay for a bunch of followers that are now just blindly following my account since it went back to its original handle? Are they trying some weird spam to make my old account useless? I don't understand!
@alexjsp no worries. You also got some followers on Mastodon out of it. (At least me… 😂)
@alexjsp Check again? It seems now that alexprice has photos of you and alexprimediallc no longer exists.
@CharlesMicah Oh that’s a very recent change! Interesting!
@alexjsp it honestly sounds like a bit of an inside job, as if they had contacts inside Meta who.. "did things". And knowing the historical morality of Meta, that doesn't surprise me a whole lot. It does suck though.
@codinghorror Yeah, that’s my assessment too. Assuming it’s the same people who tried to contact me to buy the handle, I can well believe the money they offered could bribe someone on the inside into editing some fields they shouldn’t.
@alexjsp has anyone reached out for the screenplay rights? 😂
@rjstelling My agent is talking to Netflix about a miniseries. 😛
@alexjsp I had the account @ jordan for about 10 years. Signed up on first day. Got endless requests for it. Was hacked similarly twice but had a contact at meta that helped. Year and a half ago my account got reported for “impersonation” and meta contact wasn’t reachable anymore. Eventually account seemed to go to someone else. Endless traps in that reporting interface that’s impossible once you properly lose it. https://medium.com/@jordancox/how-my-beloved-instagram-account-jordan-which-brought-joy-to-millions-was-hacked-and-deleted-by-8d881466b933
@jordancox Euch, that sucks. 😔 I’ve heard a bunch of similar stories since sharing mine!
@alexjsp I had a similar issue on the bird site about a year ago, I had the handle @travis since 2007 and last year my account was hacked, not exactly sure how, but I think it was related to the SMS 'STOP' issue, handle was immediately transferred to a different account and now both accounts are suspended, I never got any replies from support just emails that the tickets were closed
@alexjsp seems instagram fixed it? The new account doesn’t exist anymore… do you have your access back?
@alexjsp good luck. Insider activity scares me to the bones with so much of our lives tied up in the digital realm and the trust we have in these systems. I would like to move to a system where an insider cannot do something like change account ownership without an encrypted approval. But in the end every system will have a back door for support purposes
@steveriggins @alexjsp precisely why no investment of anything you care about should be entrusted to Elon (for example), Zuckerberg, or any VC-funded social media.
Imagine owning a Tesla and an inside person disables your brakes
@aardvark @steveriggins @alexjsp
@alexjsp something is very very rotten within instagram because I’ve heard of similar stories happening to multiple people with desirable account names. There is a significant problem in their process or there are compromised people within the org.
@afwaller @alexjsp A few stories I've heard second hand, every one of them looked like a moderator paid off. The ones that managed to get their accounts back had serious social presence on other media (youtube/twitter/twitch).

@afwaller @alexjsp I don't understand the appeal of usernames on Instagram (no character limits like old-school twitter, etc.). Is it just because some names are easier to memorize?

I have mm2 on there and have received strange offers similar to @alexjsp. At one point last year I received thousands of password reset emails over the course of a month. I reached out to support to no avail (who's shocked?)

@afwaller @alexjsp I have never used Instagram but the impression I get from talking to others about it is that they don't do antispam so it wouldn't surprise me if they are totally under resourced for corruption investigations.

@alexjsp Damn, I’m really sorry about that, and also newly worried about my account. I have one of those 3-letter handles, and I get constant attempts at stealing it. I felt a bit more at ease once they _finally_ implemented 2FA, but now not so much.

I hope you get help from an actual human and you recover your account.

@ahe Ooft, yeah I mean if “alexprice” is a target you have to imagine anything with 3 letters is danger zone! 🙃

@alexjsp

hey, when i click on `alexprice` i now see what looks like you, and the bullshit account appears to be gone. what do you see?

@pyrex Yep, same. I still don’t have access to the account but it does look like mine is back in its rightful place, so things are looking promising! 🤞
@alexjsp Have you tried reaching out to tech news sites about this? It seems like the kind of story that might get some traction
@alexjsp Dude that sucks. From Meta’s pov should be pretty concerning too and would be worth someone’s time finding out what’s gone on here.
@SteveBarnegren Yeah, you would think right? Sadly it seems near impossible to get hold of a real human there. I sort of get it, I’m sure they get 1000s of issues like mine daily and 99.9% of them are gonna be weak passwords, or attempts to take over someone’s account or whatever. If I read a story like mine I’d think “he probably fucked up his security” so it’s an uphill battle to convince people otherwise.

@alexjsp something very similar happened to me https://medium.com/@elanf/my-account-was-stolen-and-instagram-wont-help-a998b4df1456

At the end I had to use a contact I got from KV (high up in FB) who miraculously managed to get the account back.

@leafmuncher Holy shit, such a similar story! 🤯 Seems like they have a serious problem with this shit happening. (Although “elan” seems objectively more valuable than “alexprice”)
@alexjsp insider shit for sure, everyone has a price. At least that’s my best theory.

@leafmuncher Yeah, it’s the best theory I have. They offered me an amount of money for the handle that I imagine would be enough to buy out someone who could do it.

I’m sure it’s possible there’s some kind of hole in my account security, but if there was I don’t know what it was, and it wouldn’t explain why I didn’t get emails that Instagram says they send when the email is changed, or how they were able to snatch the handle so quickly when it’s supposedly locked for some amount of time.

@leafmuncher @alexjsp 😱

Yeah, someone on the inside seems like the most likely answer. Crazy!

@leafmuncher @alexjsp Do you have a non-Medium version of this article? I’d love to read it but Medium won’t let me without an account.
@spencer_hughes sorry, i don’t at the moment.
@alexjsp Jesus this definitely sounds like an inside job, or there’s a very bad non-public Instagram exploit. Sorry that happened to you
@alexjsp That sucks, I'm sorry! @jackrhysider did an episode on something similar to this too: https://darknetdiaries.com/episode/97/

@alexjsp it’s pretty simple. They offered you a lot of $$$ and you said “no”. So they went to a crypto-bro working at Meta and paid them instead.

There’s audit logging and you’re big enough now that they’ll get fired, but for most people there’s just no way to escalate to a human and they win.

@alexjsp it now appears to be fixed?