macrumors bot
Original poster


Meta's AI support assistant has been helping hackers get access to high-profile Instagram accounts, according to reports on social media. With no verification check, Meta AI would change the email address associated with an Instagram account, allowing the password to be updated.

Meta introduced its AI support assistant back in December with the aim of making it easier for customers to access 24/7 account support. It can be used for reporting scams, getting information on content removal, and resetting passwords. The latter option is what bad actors were able to exploit.

The Instagram vulnerability showed up on social media over the weekend, with demonstrations of the simple steps taken to get access to an account. In one demo, a hacker asks Meta's support bot to change the email address linked to a target Instagram account, and the AI does it without question.

Meta's support bot did not perform robust identity verification, and in some cases it appears to have bypassed two-factor authentication. All that was required was a VPN connection set to a location near the target account's usual one, which is trivial to arrange. Meta appeared to be verifying account ownership based on location. "Our systems recognize the device you usually use and familiar locations better than ever," reads Meta's blog post on its AI support agent. In some cases, users were asked to verify their identity with a selfie, which was bypassed using AI-generated imagery.

For a short period of time, the exploit was available to the public, and account takeovers ramped up. One security researcher said Telegram channels that offer black market Instagram services "made lots of $$$" with Meta's AI. 404 Media said hackers have been aware of the exploit since March.

Meta patched the issue over the weekend, and today, Meta's VP of communications Andy Stone said the issue has been fixed. Meta is now "securing impacted accounts."

Information about the Instagram attack vector comes after hackers were able to take over accounts for Sephora, the Chief Master Sergeant of the Space Force, researcher Jane Manchun Wong, developer Albert Renshaw who owned @Albert, and the archived Barack Obama White House account. Multiple other users with desirable Instagram handles reported having their accounts taken.

Some users who have had their accounts stolen over the weekend were not able to use the AI to get their accounts back, and there was no option to speak with a human for help.

Article Link: Meta AI Support Bot Helped Hackers Hijack Instagram Accounts
 
I have a 3 letter instagram username and I often get password reset attempt emails for it, but had a huge number of these and text messages over the weekend, presumably due to this. This seems to have stopped today as it was getting quite annoying!
 
I suspect a similar exploit works for Facebook, or did for a time. A friend had his account hijacked recently. Apparently the takeover was as simple as changing the associated email address. Now the hacker is in and you are locked out. It took months for him to regain control of the account.
 
Fixing this mess will be more expensive than using real human support in the first place.
Just another point against artificial "intelligence". If it really were intelligent, it wouldn't fail in good faith...
 
When you churn out AI slop for pretty much anything, this kind of thing is inevitable.

I wouldn’t be surprised if this was built with the help of another half-arsed AI without any sensible real-person review, though there’s no way to prove it.
 
Artificial Intelligence is the biggest abomination in the history of information technology. Beyond insane that we are having this madness forced down our throats with no safety checks / regulations.
 
Just imagine when this escalates, where bad actors use these much-touted Agents to expand the process and/or look for exploits daily. It’s the Wild West of tech again, but this time it’s not Napster. One of the biggest security barriers we’ve had is that it takes a human time and effort, but that probably won’t be the case for long.
 
I suspect a similar exploit works for Facebook, or did for a time. A friend had his account hijacked recently. Apparently the takeover was as simple as changing the associated email address. Now the hacker is in and you are locked out. It took months for him to regain control of the account.
My wife never got hers back. Facebook wouldn’t help and would always send reset requests to both her email and the false email the attacker added so they could block her attempts to get her account back.

She was finally able to get logged in briefly and delete all her data before he blocked her out again.

Facebook’s human-based help team not only wasn’t helpful but actively thwarted her attempts to fix things by denying her driver's license and other proofs of ID, yet this guy had none of that at his disposal.
 