Hacked Robert Downey Jr.' Instagram account offered free iPhones

Avengers star Robert Downey Jr. got his Instagram account hacked: crooks placed links to survey scam sites that asked for personal information

Robert Downey Jr. Instagram account hackedAvengers star Robert Downey Jr. got his account hacked: millions of followers directed to survey scam sites

One of the most beloved Hollywood star Robert Downey Jr. recently announced about his Instagram compromise and urged his 43.2 million followers to stay away from it until the actor gains back the control of it. The Instagram hack resulted in millions of fans being surprised on Friday, as they were offered 2,000 iPhone XS' for grabs.

Social media account hacks are a relatively common occurrence, and TV stars, as well as other renowned figures, are not immune to them. Although it is yet unknown who the culprits are or how did they manage to hijack RDJ's Instagram account – the purpose of the hack was to make millions of users click on bit.ly links that would direct them to fake giveaway sites, conveniently asking for personal information.

In response, Robert Downey Jr. notified the confused fans on his Twitter account (which, fortunately, was not affected by the hack):[1]

I'm sorry to say my Instagram has been compromised… Please steer clear for the time being until it's sorted. Thank you all. I love you 3000.

Fake Apple giveaways have been prevalent for many years now. Quite often, adware-infected users are redirected to malicious survey scam sites that promise the newest iPhones and other expensive gadgets. Most recently, bad actors started abusing Google Calendar[2] in order to insert malicious links into calendar pop-ups from Google, directing users to scam sites that ask for personal information.

Not only iPhones offered

With a staggering amount of followers, it is not surprising that cybercriminals would target Robert Downey Jr. After taking over the account, they posted a picture with the following message:[3]


I'm giving away 2000x FREE iPhone XS' & MUCH MORE on my Instagram Story RIGHT NOW! Claim them before they're ALL gone!

However, that was not the only alteration made to the compromised account, as malicious actors also altered the link of the star's bio page. The bit.ly link shortening service was used to mask the obvious scam URL – a technique often used by cybercriminals to avoid suspicions.

The fake giveaways also promised Apple Watches, Tesla cars, and other too-good-to-be-true prizes in exchange for personal user information. Considering the high number of followers, it is highly likely that crooks managed to benefit from the account compromise of Robert Downey Jr. The star got his account back four days, and the fake link along the Giveaway picture was successfully removed.

Hollywood and other stars are not safe from social media account hacks

Robert Downey Jr. is not the only celebrity that fell victim to social media account hacks. Just a couple of weeks Twitter CEO and the co-founder Jack Dorsey got his personal account compromised and was contaminated with racial slurs as well as Nazi propaganda. Less than one week later, the actress' Chloë Moretz Twitter account was taken over and linked to Imgur and other sites with sexual content was posted by bad actors.[4]

It is suspected that both hacks were the work of Chuckling Squad – a cyber gang that abused the tweet via the SMS feature vulnerability from the mobile carrier, which was later fixed. However, because of the different nature of the hack, it is unlikely that Instagram hack of Robert Downey Jr. is related to these incidents.

In a previous incident late last year, the entrepreneur and Tesla CEO Elon Musk got his Twitter account compromised – the scammers promised 10,000 Bitcoins for those who first make a small transaction directly to bad actors' wallets.[5]

It is highly unlikely that one of the celebrities would actually engage in free giveaways that promise remarkable gifts for free. Thus, before engaging in such events, make sure it is legitimate, and be aware that your beloved starts would never ask for your personal information.

About the author
Olivia Morelli
Olivia Morelli - Ransomware analyst

Olivia Morelli is News Editor at 2-Spyware.com. She covers topics such as computer protection, latest malware trends, software vulnerabilities, data breaches, and more.

Contact Olivia Morelli
About the company Esolutions