AGP Picks
View all

Meta Fixes AI Chatbot Flaw That Let Hackers Hijack Instagram Accounts

(MENAFN) Meta, the parent company of Instagram, Facebook, and WhatsApp, has patched a critical security vulnerability in its artificial intelligence support assistant that enabled hackers to seize control of high-profile Instagram accounts — bypassing standard security protocols entirely without requiring victims' email addresses or phone numbers.

"This issue has been resolved and we are securing impacted accounts," Meta communications official Andy Stone announced Tuesday on X.

The exploit, which surfaced on Telegram channels before being widely exposed on X, relied on a sophisticated sequence of steps. Attackers first used a virtual private network to mirror the geographic location of their target, defeating automated regional safeguards. They then triggered a password reset to open a chat window with Meta's AI Support Assistant — a tool rolled out globally earlier this year to handle account recovery and technical support.

From there, the method was alarmingly straightforward: the attacker simply instructed the chatbot to substitute the account's registered email address with their own. The system responded by dispatching an 8-digit verification code directly to the hacker. Once entered back into the chat interface, the assistant generated a password reset link — handing the attacker full control and locking out the legitimate owner entirely.

The breach swept through several prominent accounts over the weekend. Among those compromised were global beauty retailer Sephora, US Space Force Chief Master Sergeant John Bentivegna, and the official White House Instagram page associated with former President Barack Obama — a finding first reported Monday by entertainment outlet TMZ.

The Obama White House account, dormant since 2017, was briefly defaced with pro-Iranian imagery and messaging before Meta intervened.

The breach was first detected Sunday, after a series of irregular posts appeared on the compromised account — triggering an investigation that ultimately forced Meta to confront a flaw embedded within its own automated support infrastructure.

MENAFN02062026000045017169ID1111199974


Legal Disclaimer:
MENAFN provides the information “as is” without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the provider above.

Legal Disclaimer:

EIN Presswire provides this news content "as is" without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the author above.

Share this page:

Advanced Search Options

Search for:

Search scope:

Type:

Search in:

Date range:

The last

Sort by:

Sign up for:

Germany's Consumer Products Digest

The daily local news briefing you can trust. Every day. Subscribe now.

By signing up, you agree to our Terms & Conditions.