
How Hackers Conned Meta AI into Handing Over the Keys to Instagram

Hackers found a surprisingly simple way to break into Instagram accounts by tricking Meta’s own AI support chatbot. Instead of guessing complex passwords or writing sophisticated malware, attackers just talked their way past the automated system. The security flaw allowed bad actors to take over high-profile accounts before Meta managed to plug the hole.

The trouble started bubbling up over the weekend when multiple people on Reddit and X noticed they were locked out of their profiles. The victims were not random users either. Attackers managed to seize control of the inactive Obama-era White House Instagram handle, alongside the account belonging to the U.S. Space Force chief master sergeant. Prominent security researcher Jane Wong also reported that attackers hijacked her profile, noting that her password changed without her knowledge after she noticed a wave of password reset attempts.

A video shared on X eventually exposed exactly how the scam worked. The attacker started by spinning up a VPN to mask their location, preventing Instagram from flagging the login attempt as suspicious. Next, they opened a support chat with the Meta AI Support Assistant. Instead of asking for help with their own account, the hacker asked the chatbot to link a new email address to the target victim’s account.

The AI assistant complied without verifying the person’s identity. It sent a verification code straight to the hacker’s new email address. The hacker then fed that same verification code back into the chat window, prompting the chatbot to generate a helpful Reset Password button. From there, the attacker simply typed in a new password and instantly booted the real owner out of the account.

TechCrunch verified the method by checking the hacker’s public mailbox shown in the video, confirming it indeed received the official verification codes. The entire exploit succeeded because the AI never forced the attacker to prove they owned the original email address tied to the Instagram profile. The chatbot assumed the person on the other end of the screen was legitimate just because they could complete the code loop.

Instagram spokesperson Andy Stone confirmed on Monday that the company fixed the vulnerability. However, Meta did not share exactly how many users lost control of their profiles during the breach, nor did it respond to requests for further comment on why the AI assistant had so much power in the first place.

This incident highlights a growing problem with automated customer service. Companies rush to deploy AI assistants to handle high volumes of customer requests, often giving these bots the power to alter account credentials to save human workers time. When developers do not build strict verification guardrails into the software, the AI becomes an easy target for basic social engineering. Hackers realize they no longer need to compromise a user’s phone or email if they can just convince a helpful bot to do the heavy lifting for them.
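
The missing guardrail can be shown with a small model of the email-linking tool, first as the article describes it and then with the ownership check added. This is an added example, not Meta's code: the `AccountTools` class, its method names and the placeholder addresses are all assumptions made for illustration.

```python
import hmac
import secrets

class AccountTools:
    """Hypothetical tool backend a support assistant would call (names are assumptions)."""

    def __init__(self, emails_on_file):
        self.emails = set(emails_on_file)   # addresses already bound to the account
        self._pending = {}                  # address -> outstanding one-time code

    def send_code(self, address):
        # Delivery is simulated: the code is returned to whoever reads that mailbox.
        code = f"{secrets.randbelow(10**6):06d}"
        self._pending[address] = code
        return code

    def _confirm(self, address, code):
        expected = self._pending.pop(address, None)   # codes are single use
        return expected is not None and hmac.compare_digest(expected, code)

    def link_email_flawed(self, new_email, new_code):
        # Flow described in the article: the code only proves control of the NEW address.
        if not self._confirm(new_email, new_code):
            return False
        self.emails.add(new_email)
        return True

    def link_email_hardened(self, new_email, new_code, existing_email, existing_code):
        # Bind a new address only after proof of control of one already on file.
        if existing_email not in self.emails:
            return False
        if not self._confirm(existing_email, existing_code):
            return False
        if not self._confirm(new_email, new_code):
            return False
        self.emails.add(new_email)
        return True

def run_demo():
    # Constructed sample data; all addresses are placeholders.
    owner, requester = "owner@example.com", "requester@example.net"
    flawed = AccountTools([owner])
    r1 = flawed.link_email_flawed(requester, flawed.send_code(requester))
    hardened = AccountTools([owner])
    hardened.send_code(owner)   # lands in the owner's mailbox; the requester never sees it
    r2 = hardened.link_email_hardened(requester, hardened.send_code(requester), owner, "guess")
    return r1, r2, requester in hardened.emails
```

The check lives in the tool, not in the chatbot's instructions, so the assistant cannot be talked out of it: whatever the conversation says, the binding call fails without a code from an address already on file.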