Hackers say they used Meta's AI support chatbot to change emails tied to Instagram accounts, amid a wave of high-profile account takeovers; Meta fixed the issue
The exploit shows the extreme risk of offloading technical support to AI. — Hackers say that they used Meta's AI support chatbot …
404 Media Jason Koebler
Related Coverage
- Hackers Used Meta's AI Support Bot to Seize Instagram Accounts Krebs on Security · Brian Krebs
- The Newest Instagram “Exploit” is the Goofiest I've Seen 0xsid.com
- Hackers duped Meta AI support chatbot to steal celebrity Instagram accounts Ars Technica · Jeremy Hsu
- Hackers hijacked Instagram accounts by tricking Meta AI support chatbot into granting access TechCrunch · Lorenzo Franceschi-Bicchierai
- Hackers Exploit Meta AI Flaw to Hijack High-Profile Instagram Accounts The Hans India · Kahekashan
- Meta's own AI was exploited to hijack Instagram accounts The Verge · Emma Roth
- Obama's old Instagram account was reportedly hacked over the weekend. The Verge · Emma Roth
- Chief Master Sergeant of Space Force's Instagram hacked Task & Purpose · Nicholas Slayton
- Obama White House's Instagram Hacked TMZ.com
- Meta's AI Chatbot Allegedly Helped Hackers Hijack Instagram Accounts PCMag · Michael Kan
- Daily Tech News 2 June 2026 Ace of Spades HQ · Pixy Misa
- Meta's AI bot helped hackers steal Instagram accounts, and it was worryingly easy to trick Digital Trends · Rachit Agarwal
- How hackers tricked Meta AI into handing over high-profile Instagram accounts Livemint · Aman Gupta
- Hackers exploit Meta AI support bot to take over Instagram accounts, company patches flaw The Indian Express
- Meta AI let hackers hijack Instagram accounts: Is your data at risk? Digit · Ayushi Jain
- A chatbot just helped hackers hijack Instagram accounts KTLA · Josh DuBose
- Hackers got Meta AI to give them Instagram account access Social Media Today · Andrew Hutchinson
- Hackers Tricked Meta AI Into Handing Out Access to Major Instagram Accounts Gizmodo · Kyle Torpey
- Meta AI Support Bot Helped Hackers Hijack Instagram Accounts MacRumors · Juli Clover
- Instagram Hackers Get Access to High-Profile Accounts Just By Asking Meta AI Chatbot Tech Times · Jose Enrico
- Hackers Use Meta's AI Bot to Reset Passwords and Hijack Instagram Accounts Cyber Security News · Guru Baran
- Spotify could be giving you more freedom on how your profile looks to your friends, and I think it could be the start of the platform's much-needed social overhaul … TechRadar · Rowan Davies
- Meta's AI Support Bot Is Giving Hackers Access to Other People's Instagram Accounts Just by Asking Futurism · Victor Tangermann
- Meta AI Flaw Gave Hackers Access to Instagram Accounts iPhone in Canada · Usman Qureshi
- Hackers say that Meta AI helped them compromise big Instagram accounts Mashable · Matt Binder
- Space Force Instagram account hijacked with Iranian propaganda Washington Examiner · Max Grinstein
- Viral Video Exposes How Meta AI Allegedly Helped Hack Barack Obama's Instagram [VIDEO] TotalProSports · Darrelle Lincoln
- Meta AI Vulnerability Allegedly Enables Instagram Password Resets GBHackers Security · Mayura Kathir
- Meta has acknowledged the Instagram account takeovers in which hackers were able to just ask its AI support chatbot to change the email associated with an account and request a password reset with this one-sentence statement. @karissabe · Karissa
- I might as well give up on the strong authentication project* if services will allow for things like this: https://www.404media.co/... [*]: I will not give up on the strong authentication project. @rmondello@hachyderm.io · Ricky Mondello
- The newest Instagram “exploit” is the goofiest I've seen Hacker News
- Hackers duped Meta AI support chatbot to steal celebrity Instagram accounts Beehaw
- Hackers Simply Asked Meta's AI To Take Over High-Profile Instagram Accounts Slashdot · BeauHD
- Hackers trick Meta AI into handing over Instagram accounts - including Barack Obama's Metro.co.uk · Josh Milton
- Hackers stole high-profile Instagram accounts by simply asking Meta AI nicely Android Authority · Aamir Siddiqui
- Nvidia corners the AI agent stack The Rundown AI
- Deleted an Instagram DM? Here's how you can recover it The Indian Express
- Apple Intelligence is coming at WWDC. Just don't call it AI Macworld · The Macalope
- Anthropic's IPO is no longer just a rumor Fortune · Andrew Nusca
- Meta AI was tricked into helping hackers hijack dozens of Instagram accounts PhoneArena · Mariyan Slavov
- Meta AI Hands Over High-Profile Instagram Accounts To Hackers SecurityWeek · Ionut Arghire
- Hackers Simply Asked Meta AI to Give Them Access to High-Profile Instagram Accounts. It Worked. … Simon Willison's Weblog
- Meta AI support chatbot gave hackers access to notable Instagram accounts Ars OpenForum
- Hackers tricked Instagram AI into letting them take over high-profile accounts [Video] 9to5Mac · Ben Lovejoy
- Instagram AI chatbot tricked by hackers to give access to others' accounts BBC · Liv McMahon
- Meta AI support flaw fueled a wave of Instagram takeovers Metacurity · Cynthia B Brumfield
- Barack Obama's Instagram Account Hacked Sandra Rose
- Hackers trick Meta AI chatbots into giving them access to high-profile Instagram accounts Dexerto · Michael Gwilliam
- Just ask the AI for what you want and Meta engineering might give it to you! — https://simonwillison.net/... @icing@chaos.social · Stefan Eissing
- Instagram users locked out after Meta AI abused to steal accounts BleepingComputer · Bill Toulas
- Hackers trick Meta AI support bot to infiltrate Obama White House Instagram account The Guardian · Sanya Mansoor
- Meta AI Tricked Into Handing Over High-Profile Instagram Accounts iDrop News · Chris Hauk
Discussion
-
@darkwebinformer
@darkwebinformer
on x
🚨 Instagram had an exploit that allowed you to use Meta AI to reset passwords to accounts with no MFA on them. The exploit was patched a short time ago. [video]
-
@andymstone
Andy Stone
on x
@howfxr This issue has been resolved and we are securing impacted accounts.
-
@zachxbt
@zachxbt
on x
@wirelyss @Polymarket It's likely because there was a massive Instagram / Meta exploit over the weekend that was just patched. Basically the Meta AI support is garbage and has lots of access perms which allowed you to reset passwords to any user without 2FA and did not verify who…
-
@wongmjane
Jane Manchun Wong
on x
Even my Instagram account got hacked The password got changed without my knowledge and I was getting different password reset attempts throughout yesterday. And I got repeatedly logged out from the IG iOS app Quite concerning
-
@oracles
André
on x
Today Instagram had this massive exploit where hackers were just stealing rare handles left and right. Hundreds of accounts gone. People losing handles they've owned since 2010, some worth hundreds of thousands. I own a few rare ones so I was actually stressed watching this ha…
-
@quinnypig
Corey Quinn
on x
Somewhere a Meta product doc says the support agent has “account modification capabilities to better assist users.” In other words it can hijack your Instagram and the only auth check is whether you typed a convincing sentence. Can't wait for their “cloud.”
-
@andymstone
Andy Stone
on x
@nikitabier @wongmjane This claim about world leaders is totally false. The issue that did happen has already been fixed.
-
@gergelyorosz
Gergely Orosz
on x
What I'm hearing: Instagram's Trust and Safery org absolutely gutted the last few weeks. ~60% of the org gone - between layoffs and forced reassignments to data labelling. All while “AI maxxing” pushed a bunch of bugs to prod. And hence why today's massive Insta account takeover
-
@gergelyorosz
Gergely Orosz
on x
Honestly suddenly banks requiring customers to either: 1. Have a physical second factor authentication device 2. Or show up, in-person, at the branch, with government-issued ID are looking a lot more resistant to AI-enabled hacks than “AI-pilled” companies like Meta that have A…
-
@jonoringer
Jon Oringer
on x
I got hit with this and blocked them before I opened the attachment ... about 10 DMs yesterday on Sunday - and even got a few more today.
-
@doodlestein
Jeffrey Emanuel
on x
It's crazy to see Meta spending so much to build up their AI initiatives and then do something as insanely value destructive as giving a half-baked, easy-to-trick AI agent the keys to the kingdom to take over valuable accounts. And then not have any kind of automated QA for it.
-
@supbagholder
@supbagholder
on x
Selloff today was probably deserved. Meta AI chatbot exploit allowed users to bypass 2fa and hack accounts. Already patched and fixed by Meta. But not a good look at all.
-
@gergelyorosz
Gergely Orosz
on x
It's wild how Meta - a company going all-in on AI - somehow missed the memo on how AI can generate images and videos that renders “take a selfie of yourself” verifications utterly useless So now Instagram accounts hacked at scale. 2FA also fully bypassed - by Meta's own design
-
@devahaz
Deva Hazarika
on x
@GergelyOrosz From this thread it's not clear this selfie verification even came up in the normal flow of this exploit
-
@yacinemtb
Kache
on x
imagine getting interrupted in the middle of labeling data to respond to this incident
-
@heaney555
David Heaney
on x
This is arguably the biggest security fuckup in the history of mainstream social media. Meta should be ashamed for letting this happen, and it should be triggering a serious rethink across the tech industry of how AI is used for customer support.
-
@gergelyorosz
Gergely Orosz
on x
Apparently this was not a sophisticated hack. But engineers at Instagram going overboard to use AI for everything, and having no incentives for stuff like... security. Inside the security org. You get what you incentivize. A warning for any company wanting to copy Meta...
-
@heaney555
David Heaney
on x
@andymstone ... Nikita is pointing out, correctly, that attackers could have used this to access the DMs of world leaders, because this (full-access!) exploit impacted any account included in the (fairly wide!) Meta AI Support Assistant rollout, even those with 2FA enabled. Do yo…
-
@gergelyorosz
Gergely Orosz
on x
Hearing how this is even more 🤡 than I assumed It's not about AI-generated selfies: it's that due to a bug, the check doesn't run, account takeover is trivial Instagram gutted its Trust & Safety org while those left are “AI maxxing”. So we get this
-
@gergelyorosz
Gergely Orosz
on x
@devahaz I'm hearing it did not, and internal speculations that it's thanks to pushing more and more AI generated code + much fewer left to review and catch stuff, between being laid off, and reassigned to data labelling (about 40% of the org moved off of security to label)
-
@suchenzang
Susan Zhang
on x
as an homage to its “move fast, break things” culture, and a response to mythos, meta simply decided to prove that cybersecurity doesn't actually matter
-
@kornbuilds
Korn
on x
my instagram (@ korn) was stolen overnight via the Meta AI exploit and was subsequently disabled. it was Meta Verified, facial scan verified, and had 0 TOS violations. the account is the sole source of my income. i spent 6 hours trying to get human support and meta's support AI g…
-
@binhonglee
BinHong Lee
on x
this is sad to read tbh (but not super surprising due to consolidation) but when i was there, IG T&S team consistently push for secure design and features. IG was *usually* more strict when it comes to how / why certain things should behave.
-
@jason_koebler
Jason Koebler
on x
New: Hackers have been stealing high-profile Instagram accounts by simply asking Meta's AI support chatbot to change the email associated with the account they want to steal. Shockingly easy, terrible flaw associated with offloading support to AI: https://www.404media.co/...
-
@immasiddx
Sid
on x
People are now tricking Meta's AI support assistant to gain access to other people's Instagram accounts. This is exactly why AI should never have the authority to make account recovery decisions. [video]
-
@bahrambiz
Bahram Sahbani
on x
Here is the full method: (How to hack Instagram accounts) Disclaimer: this video was posted on Telegram, and I have not attempted to use it. The purpose of this post is to show you how @AIatMeta sucks and how AI is falsely disabling accounts & has serious problems like these. [vi…
-
@weezerosint
@weezerosint
on x
meta put out a blog post 3 months ago bragging that their AI support reduced account hacks by 30%. yesterday the obama white house instagram got taken over using that same AI. you can't make this up [image]
-
@todayyearsold
@todayyearsold
on x
This is why people don't want AI replacing customer support
-
@vitalikbuterin
@vitalikbuterin
on x
This is why: * Self-sovereign identity, data and money (so you control your account, not a third-party provider) * CROPS AI (so other people cannot do this to *your computer* https://vitalik.eth.limo/... )
-
@sentdefender
@sentdefender
on x
Iranian hackers appear to have breached an Instagram account run by the Chief Master Sergeant of the U.S. Space Force, John F. Bentivegna, which has been posting Iranian propaganda for the last few hours, including an infamous psychological warfare broadcast made by Hanoi Hannah …
-
@cartidise
Noah Cat
on x
This is why I hate AI integration in social media apps This guy just exploited Meta AI to get access to an Instagram account in less than 2 minutes [video]
-
@lowleveltweets
@lowleveltweets
on x
there's no way this is real oh my fucking god tldr: AI support system accepts AI generated video of the users profile picture for email change and password reset. Great work as usual Meta
-
@osinttechnical
@osinttechnical
on x
Appears that the Chief Master Sergeant of the Space Force's Instagram account has been compromised by Iranian hackers, and has been posting Iranian propaganda for the last hour. [image]
-
@darkrai
@darkrai
on x
I have been hacked somehow when having 2FA on my account. There is a bug / exploit going around where anyone can login and change your password. @instagram I lost my user @darkrai from this bug and cannot do anything about it, please fix this shit
-
@natanael
@natanael
on bluesky
Dumbasses, trusting a dice roll machine to not roll the dice
-
@marygillis
Mary Gillis
on bluesky
Can't wait for this to happen to my CRA account after the government of Canada optimizes it for our brave new AI world.
-
@rahaeli
@rahaeli
on bluesky
New frontiers of achievement in “enabling social engineering account takeovers”, lol www.404media.co/hackers-simp...
-
@lawprofblawg
@lawprofblawg
on bluesky
Want to hack someone's account? Use AI! — www.404media.co/hackers-simp...
-
@joshuafoust.com
Joshua Foust
on bluesky
Guys I'm sorry but this is just objectively funny!
-
@datnofact
@datnofact
on bluesky
Who could have foreseen that giving customer-facing AI chatbots access to internal system tools would go wrong. [embedded post]
-
@faineg
Faine Greenwood
on bluesky
Hey you know what I've been saying for the past decade about Meta being both extremely evil and extremely stupid — www.404media.co/hackers-simp...
-
@golikehellmachine.com
@golikehellmachine.com
on bluesky
if this is what's happening, it's not an “AI” problem as much as it is a staggering product management and security failure [embedded post]
-
@lizharvey
Liz Harvey
on bluesky
I'm laughing as someone who lost an Instagram account that I had for over 10 years because no one works for this company. There's no customer support. There's no getting an account back. — The only success stories you hear is because someone personally knew one of the few emp…
-
@404media.co
@404media.co
on bluesky
This is what happens when you replace customer service with an AI chatbot: Instagram users getting hacked in the dumbest possible way. @jasonkoebler.bsky.social has more. — Read now: www.404media.co/hackers-simp...
-
@joemenn
Joseph Menn
on bluesky
In other news, a large number of security experts were among the thousands laid off by #Meta last month. [embedded post]
-
@lauren.rotatingsandwiches.com
Lauren
on bluesky
a small part of the problem with AI is that even if you see good use cases for the technology, focusing on them is a little like saying radiotherapy is going to be great for treating cancer while stores still have radium toothpaste on the shelves — www.404media.co/hackers-simp.…
-
@karlbode.com
Karl Bode
on bluesky
this really is wild — they just asked Meta AI chatbot support for access to high profile accounts and it obliged — comes after Google complete broke its search results — these are not serious, capable companies deserving of professional respect. they rushed shit product to…
-
@josephcox
Joseph Cox
on bluesky
This is absolutely nuts: hackers are hijacking high-profile Instagram accounts by simply asking Meta's AI chatbot to change the email on the account. Meta's AI does it, hacker gets password reset code, they're in. A staggering security issue — www.404media.co/hackers-simp...
-
@nslayton
Nicholas Slayton
on bluesky
Seems like the highest level hack of a U.S. military or defense official during the Iran War. Appears to have been limited to shit talking Instagram stories and one-two grid posts for several hours. taskandpurpose.com/culture/spac...
-
@nslayton
Nicholas Slayton
on bluesky
So pro-Iranian hackers got access to the top enlisted member of Space Force's Instagram and spent Sunday evening posting Ali Larijani fan cams, Hanoi Hannah audio and Game of Thrones memes. taskandpurpose.com/culture/spac...
-
@dangillmor@mastodon.social
Dan Gillmor
on mastodon
https://www.404media.co/... Meta, one of the richest companies in the world, can't be bothered to get basic security right.
-
r/theprimeagen
r
on reddit
Hackers Simply Asked Meta AI to Give Them Access to High-Profile Instagram Accounts. It Worked
-
r/pwnhub
r
on reddit
Hackers Simply Asked Meta AI to Give Them Access to High-Profile Instagram Accounts. It Worked
-
r/pcmasterrace
r
on reddit
Hackers Simply Asked Meta AI to Give Them Access to High-Profile Instagram Accounts. It Worked
-
r/50501Movement
r
on reddit
Hackers Simply Asked Meta AI to Give Them Access to High-Profile Instagram Accounts. It Worked
-
r/CyberNews
r
on reddit
Hackers Simply Asked Meta AI to Give Them Access to High-Profile Instagram Accounts. It Worked
-
r/UnderReportedNews
r
on reddit
Hackers Simply Asked Meta AI to Give Them Access to High-Profile Instagram Accounts. It Worked
-
r/antiai
r
on reddit
Hackers Simply Asked Meta AI to Give Them Access to High-Profile Instagram Accounts. It Worked
-
r/cybersecurity
r
on reddit
Hackers Simply Asked Meta AI to Give Them Access to High-Profile Instagram Accounts. It Worked
-
r/BetterOffline
r
on reddit
Hackers Simply Asked Meta AI to Give Them Access to High-Profile Instagram Accounts. It Worked
-
r/InterstellarKinetics
r
on reddit
BREAKING: Hackers Exploited Meta's AI Support Chatbot To Take Over High-Profile Instagram Accounts By Simply Asking It To Change The Email On Target Accounts …
-
r/technology
r
on reddit
Hackers Simply Asked Meta AI to Give Them Access to High-Profile Instagram Accounts. It Worked
-
r/Instagram
r
on reddit
Hackers Simply Asked Meta AI to Give Them Access to High-Profile Instagram Accounts. It Worked
-
@bryce
Bryce Roberts
on x
My wife's account was a part of this. No clear way to file a ticket give they used the same Meta AI support to hack it. If anyone at meta/IG can help us out we'd be incredibly grateful.
-
@goodlawproject.org
@goodlawproject.org
on bluesky
This is a mad story, and it won't be the last of its kind. — We're at a point where tech giants' eagerness to cram the most AI into their systems is totally overriding their responsibility to their users: — https://bit.ly/3REooLe