Hackers exploited a vulnerability in Meta's AI-powered support chatbot to take over several high-profile Instagram accounts. The issue, now fixed by Meta, allowed attackers to manipulate the chatbot into sending password reset codes to email addresses they controlled. This enabled unauthorized access without needing the account owners' inboxes or phones.
The vulnerability came to light over the weekend after accounts such as the Obama-era White House handle, beauty retailer Sephora, and US Space Force Chief Master Sergeant John Bentivegna were compromised. Security researchers ZachXBT and Dark Web Informer first reported the issue, revealing that threat actors had discovered a way to exploit Instagram's Meta AI assistant. This tool is designed to help users recover access to their accounts.
Reports on platforms like Reddit, X, and Telegram described multiple account takeovers. Attackers did not use advanced malware or phishing tactics. Instead, they targeted the AI-powered Support Assistant, which is meant to help with account recovery.
Attackers began by using a VPN to appear as if they were logging in from the same region as the targeted account. This helped them avoid Instagram's automated security checks. They then accessed Instagram's login page, selected the "Forgot Password" option, and initiated a conversation with the Meta AI Support Assistant using the "Get Support" feature.
Through carefully crafted prompts, hackers convinced the chatbot to add a new email address to the victim's account. Once the chatbot accepted the request, it sent a verification code to the attacker-controlled email address. After entering this code, the attackers could reset the account password, gaining control without needing access to the victim's actual email or phone.
In some cases, attackers simply instructed the chatbot to send password reset codes directly to their own email addresses. If successful, they could use the code to complete the takeover process.
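Both requests described above (adding a new email address, and sending a reset code to an address the requester supplies) come down to the assistant choosing where a recovery code is delivered. The Python sketch below is an added example, not Meta's code and not a description of Meta's fix: it shows a server-side gate that decides such tool calls from account state alone, so nothing said in the chat can change the destination. The names Account, ToolCall, authorize and proved_existing_contact and all sample data are hypothetical.

```python
from dataclasses import dataclass, field

@dataclass
class Account:
    handle: str
    # Contacts the owner has already confirmed (stored lowercase).
    verified_contacts: set = field(default_factory=set)

@dataclass
class ToolCall:
    action: str        # "send_reset_code" or "add_email"
    account: str
    destination: str   # address the model asked to use
    # Set by the backend only after the requester entered a code sent to an
    # existing verified contact; never taken from model output.
    proved_existing_contact: bool = False

def authorize(call, accounts):
    """Decide from account state alone; the chat transcript is not an input."""
    acct = accounts.get(call.account)
    if acct is None:
        return False, "unknown account"
    dest = call.destination.strip().lower()
    if call.action == "send_reset_code":
        if dest in acct.verified_contacts:
            return True, "destination is a verified contact"
        return False, "reset codes go only to verified contacts"
    if call.action == "add_email":
        if call.proved_existing_contact:
            return True, "requester proved control of an existing contact"
        return False, "new contact needs proof of an existing one"
    return False, "action not available to the assistant"

# Constructed sample data.
ACCOUNTS = {"brand_account": Account("brand_account", {"owner@example.com"})}
CALLS = [
    ToolCall("send_reset_code", "brand_account", "Owner@Example.com"),
    ToolCall("send_reset_code", "brand_account", "someone@else.example"),
    ToolCall("add_email", "brand_account", "someone@else.example"),
    ToolCall("add_email", "brand_account", "new@example.com", True),
]

def run_demo():
    return [authorize(c, ACCOUNTS) for c in CALLS]

if __name__ == "__main__":
    for call, (ok, why) in zip(CALLS, run_demo()):
        print(call.action, call.destination, "->", "ALLOW" if ok else "DENY", why)
```

The second and third constructed calls correspond to the two request types in the report and are denied regardless of how the prompt was worded, because the prompt is never consulted.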
TechCrunch independently verified part of the attack. The publication confirmed that a public email address shown in demonstration videos did receive a verification code from Instagram. However, the exploit did not always succeed on the first attempt, and attackers sometimes had to repeat the process before the chatbot complied.
The incident raised concerns about the effectiveness of two-factor authentication (2FA). Some users reported that 2FA-protected accounts remained secure, while others lost access despite having additional security measures enabled. The exact interaction between the vulnerability and Instagram's authentication systems remains unclear.
Meta spokesperson Andy Stone confirmed on Monday that the vulnerability had been resolved. The company is actively working to secure affected accounts but has not disclosed how many users were impacted. Some users have reported ongoing issues regaining access to their accounts even after the fix.
Meta AI Exploit Led to High-Profile Instagram Account Takeovers, Now Fixed
Hackers exploited a vulnerability in Meta's AI-powered support chatbot to take over high-profile Instagram accounts. Meta has fixed the issue and is working to secure affected accounts, but some users still report access problems.
01-Jun-2026 08:30 PM
