Meta has patched a security vulnerability in its AI-powered support assistant after hackers reportedly used the chatbots to gain unauthorised access to several Instagram accounts, including a number of high-profile accounts.
Meta’s AI-powered chatbot was manipulated by the attackers into linking a new, attacker-controlled email address to the target accounts. Once that email address had been added, the chatbot was used to trigger a password reset, giving the attackers control of the target account without ever needing access to the victim’s own email.
The issue came to light after users on Reddit and X reported a wave of account hijackings over the weekend. Among the affected accounts were the Obama-era White House account, the account of the US Space Force’s Chief Master Sergeant, and several sought-after Instagram usernames.
Security researcher Jane Wong said her Instagram account was also taken over.
A video posted on X showed the step-by-step process used to take over someone’s Instagram account. The attackers allegedly used a VPN service to appear as though they were accessing Instagram from a location associated with the target account. They then contacted the AI support assistant and asked for a new email address to be linked to the account; upon receiving a verification code at the attacker-controlled email address, they changed the account’s password and gained access.
According to TechCrunch, the outlet independently verified a portion of the attack after confirming that a public email address featured in one of the demonstration videos received an Instagram verification code. However, the report noted that the exploit was not consistently successful on the first try, with attackers occasionally required to repeat the process before the chatbot responded as intended.
The incident has raised concerns about the use of AI systems in higher-risk areas such as customer support and account recovery.
Experts have pointed out that identity verification remains the most crucial security control, especially when automated programmes are authorised to execute actions that affect an entire account.
On Monday, June 1, Instagram’s spokesperson Andy Stone said in a reply to Wong’s post that the issue has been fixed. Instagram has also stated that it is working on preventing further accounts from being compromised.
(This article has been curated by Shivani P Menon, who is an intern with The Indian Express)