According to the reports that we have gotten from our sources, Instagram is running tests on a two-factor authentication (2FA) solution which does not need the phone number of a user to function. Shortly after a Motherboard investigation on SIM hacking was published, Instagram stated that it was working on a more secure factor authentication. Just as it is with every other social media network, the soon to arrive factor authentication allows for authenticating with apps that generate codes like Google Authenticator and Authy.
Even though the confirmation that Instagram gave was brought about by the investigation, it seems that it has for some time been working on advancing past phone numbers. Jane Manchun Wong, an engineer and tipster discovered a prototype version of the updated two-factor authentication in the Android version of the social platforms APK code and it was even broadcasted on Twitter.
At the moment, Instagram allows to recover your account and log in on new devices as long as you’re able to confirm your identity with the use of a phone number that goes with your account. However according to our sources, there’s a new form of online theft where hackers illegally get access to an individual’s phone number and connects to a new SIM card. This they do with the aid of data say a social security number that may have been leaked out during any one of the many security breaches whose aim is to trick a telecom customer service agent to reassign a phone number to a new SIM card.
From that moment on, any hacker can extort their victims for financial gain or they could use the phone number and the benefits of phone number recovery to reset Amazon, Instagram, Twitter and other accounts. To be precise, hackers have their eye stuck on uncommon and profitable Instagram and Twitter handles as they have a high price tag on the virtual underground markets.
A lot of tech companies have built tools to protect against vulnerability of 2FA, it is interesting that Instagram has decided to be one of them.