Hackers used Meta’s AI support chatbot to hijack Instagram accounts
Instagram account takeovers tied to Meta AI support bot
Hackers have been exploiting Meta’s AI-powered support chatbot to gain access to Instagram accounts, exposing a new kind of attack that uses an automated assistant as part of the intrusion path.
Instagram said Monday that it had fixed a security issue after several users reported their accounts had been compromised over the weekend. Posts on Reddit and X described similar hijackings, and the affected accounts included the Instagram handle for the Obama-era White House, which appears to have been inactive since 2017, as well as the account of U.S. Space Force chief master sergeant John Bentivegna.
Security researcher Jane Wong said her account was also taken over. “The password got changed without my knowledge and I was getting different password reset attempts throughout yesterday,” Wong said. “Quite concerning.”
A video posted on X appears to show the method used in the attacks. According to the video, the hacker first used a VPN to spoof the target’s presumed location, apparently to avoid triggering Instagram’s automated protections. The attacker then opened a chat with Meta AI Support Assistant and asked the bot to add a new email address to the victim’s account.
The chatbot reportedly sent a verification code to the attacker’s email address, which the attacker then relayed back to the bot. That interaction prompted the chatbot to display a “Reset Password” button, after which the attacker entered a new password and took over the account.
TechCrunch was able to verify that the hacker’s public email mailbox, shown in the video, received the verification code. Because the code went to the address the attacker had just asked to add, not to the address already on the account, completing the challenge proved only control of the attacker’s own mailbox. The attack therefore did not require taking over the legitimate email address tied to the victim’s Instagram account, making the path to takeover unusually direct.
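The flaw in the flow described above is a verification code delivered to an address chosen by the requester, which proves nothing about ownership of the account. The following is an added illustration, not Meta’s code and not taken from the video: a small model of a support bot that adds an email, sends a one-time code, and unlocks a password reset once the code is echoed back, run under two policies. The account names, addresses and code format are constructed for the example.

```python
"""Model of the support-bot recovery flow described in the article.

Two policies are compared:
  WEAK:     the one-time code goes to the address being added, so anyone who
            controls *some* mailbox can pass the check for *any* account.
  HARDENED: the code goes to the address already on file; the new address is
            only staged until the current owner confirms.
Usernames, addresses and the 6-digit code format are constructed for this example.
"""
import hmac
import secrets
from dataclasses import dataclass, field
from typing import Optional

WEAK, HARDENED = "weak", "hardened"


@dataclass
class Account:
    username: str
    email: str                          # owner-controlled address on file
    password: str
    pending_email: Optional[str] = None  # address awaiting confirmation


@dataclass
class SupportBot:
    policy: str
    accounts: dict = field(default_factory=dict)
    inboxes: dict = field(default_factory=dict)      # address -> codes delivered
    challenges: dict = field(default_factory=dict)   # username -> outstanding code
    reset_unlocked: set = field(default_factory=set)

    def add_account(self, username, email, password):
        self.accounts[username] = Account(username, email, password)

    def request_add_email(self, username, new_email):
        """Step 1: 'add this email to my account'. Returns where the code was sent."""
        acct = self.accounts[username]
        code = f"{secrets.randbelow(10**6):06d}"
        acct.pending_email = new_email
        self.challenges[username] = code
        # The decisive choice: who receives the proof-of-ownership code?
        target = new_email if self.policy == WEAK else acct.email
        self.inboxes.setdefault(target, []).append(code)
        return target

    def submit_code(self, username, code):
        """Step 2: the caller echoes the code back; success reveals the reset button."""
        expected = self.challenges.get(username)
        if expected is None or not hmac.compare_digest(code, expected):
            return False
        del self.challenges[username]
        acct = self.accounts[username]
        acct.email, acct.pending_email = acct.pending_email, None
        self.reset_unlocked.add(username)
        return True

    def reset_password(self, username, new_password):
        """Step 3: the 'Reset Password' button."""
        if username not in self.reset_unlocked:
            return False
        self.reset_unlocked.discard(username)
        self.accounts[username].password = new_password
        return True


def run_takeover(bot, victim, attacker_email):
    """Replays the sequence from the video. The attacker can read only attacker_email."""
    bot.request_add_email(victim, attacker_email)
    delivered = bot.inboxes.get(attacker_email, [])
    if not delivered:          # the code went somewhere the attacker cannot read
        return False
    if not bot.submit_code(victim, delivered[-1]):
        return False
    return bot.reset_password(victim, "attacker-chosen")


def run_owner_change(bot, username, new_email):
    """The legitimate owner, who can read whichever mailbox the bot chose."""
    target = bot.request_add_email(username, new_email)
    return bot.submit_code(username, bot.inboxes[target][-1])


def demo(policy):
    """Returns (takeover succeeded?, victim's password, victim's email on file)."""
    bot = SupportBot(policy)
    bot.add_account("victim", "owner@example.net", "original-secret")
    taken = run_takeover(bot, "victim", "attacker@example.org")
    acct = bot.accounts["victim"]
    return taken, acct.password, acct.email


if __name__ == "__main__":
    for policy in (WEAK, HARDENED):
        print(policy, demo(policy))
```

Under the weak policy the attacker never needs the victim’s mailbox: the bot itself mails the code to the address the attacker supplied. The hardened variant keeps the same three steps and the same bot, but routes the challenge to the address already on file, so the owner’s change still completes while the attacker’s attempt stalls at step 2.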
Instagram spokesperson Andy Stone said in response to Wong and others on Monday that the issue had been fixed. It remains unclear how many users were affected. Meta did not immediately respond to TechCrunch’s request for comment.