Hackers Used Meta AI Support Chatbot to Take Over Instagram Accounts

Instagram has addressed a security vulnerability that enabled attackers to gain unauthorised access to several user accounts. The method reportedly involved manipulating Meta’s AI-powered customer support chatbot into providing account access to individuals who were not the legitimate owners.

Over the weekend, multiple Reddit users reported that their Instagram accounts had been compromised. Similar warnings surfaced on X, where users reported account takeovers. Among the affected accounts were the Instagram profile associated with the White House during the Obama administration, which appears to have remained inactive since 2017, and the account belonging to U.S. Space Force Chief Master Sergeant John Bentivegna.

Security researcher Jane Wong also reported that her Instagram account was hijacked.

“My password was changed without my knowledge, and I kept receiving password reset attempts throughout the day yesterday,” Wong said. “That’s pretty concerning.”

A video shared on X appeared to demonstrate the process used to compromise an Instagram account. According to the footage, the attacker first used a VPN to mimic the victim’s expected location, reducing the likelihood of triggering Instagram’s automated security measures.

The attacker then initiated a conversation with the Meta AI Support Assistant and requested that a new email address be added to the targeted Instagram account. In the demonstration, the chatbot sent a verification code to the email address supplied by the attacker. After receiving the code, the attacker provided it back to the chatbot, which then displayed a “Reset Password” option. The attacker created a new password and successfully gained control of the account.

The publicly visible email inbox shown in the video received the verification code directly, allowing the attacker to complete the process.

A key aspect of the exploit was that the attacker never needed access to the legitimate email account associated with the victim’s Instagram profile.

On Monday, Instagram spokesperson Andy Stone responded to posts from Wong and other affected users, stating that the issue had been fixed. At this time, it remains unclear how many Instagram users may have been impacted by the vulnerability before it was resolved.