A critical vulnerability in Meta's AI-powered support chatbot was exploited by hackers to hijack Instagram accounts, including that of former US President Barack Obama's White House account. The exploit involved tricking the chatbot into switching the email associated with a target account, followed by a password reset, effectively granting the attacker control over the account. This issue, which has since been patched by Meta, was demonstrated by a hacker in a video shared on Telegram. The vulnerability was particularly concerning given the high-profile nature of the compromised accounts, with the @obamawhitehouse account being used to spread Iranian propaganda. The fact that Meta's own AI system was used to facilitate these attacks highlights the potential risks of relying on automated support systems1. This incident matters to security practitioners because it underscores the need for rigorous testing and validation of AI-powered support tools to prevent similar exploits in the future.
Meta’s own AI was exploited to hijack Instagram accounts
⚡ High Priority
Why This Matters
In a video shared on Telegram , a hacker shows how they could take over an account by asking Meta's chatbot to switch the email associated with someone else's profile and then.
References
- The Verge. (2026, June 1). Meta's own AI was exploited to hijack Instagram accounts. *The Verge*. https://www.theverge.com/tech/941179/meta-instagram-ai-support-chatbot-exploit-hacked
Original Source
The Verge AI
Read original →