I logged in to facebook and instagram. Not a phishing URL. That was in February, nothing suspicious.
But recently, I got an email from Facebook and it’s in Russian. I suspect something here. Then someone from Russia successfully logged into my FB account and added some people and following some website. Crap, I knew I was compromised. So I changed my password and reverting those activities.
Then I got my instagram compromised, they wanted me to change my password, so I changed them again, and I have to change the FB password again. I did check if 2FA is activated and yes they are activated in every platform. Weird thing, how these hackers are able to bypass my 2FA?
I didn’t turn on VPN, and I didn’t installed VPN on Brave (only in secondary browser like chrome lol). However I wonder, does Brave hide my location? I got sus login from all platform besides FB and IG when using Brave.
Another question is, Have any of you (devs) get cyberattacked recently?