Hackers exploited a flaw in Meta’s AI support bot to hijack Instagram accounts, including high-profile profiles and government accounts.

A security flaw in Meta’s AI-powered support system allowed hackers to take over thousands of Instagram accounts, including several high-profile profiles, before the company moved to shut down the exploit.
The issue came to light after attackers discovered they could manipulate Meta’s AI support assistant into changing the email address associated with a target Instagram account. Once the email address was updated, the attackers could request a password reset and gain full control of the account.
According to Meta, roughly 20,000 Instagram accounts were compromised before the vulnerability was fixed. Among the affected accounts were profiles linked to the White House archives, the U.S. Space Force and major consumer brands.
Researchers and hackers who demonstrated the flaw said the attack required no malware, phishing emails or password theft. Instead, attackers initiated a password recovery request and then used the AI support chatbot to add a new email address to the victim’s account. The chatbot reportedly completed the request without adequately verifying ownership of the account.
Videos shared online showed the process taking only minutes. In some cases, attackers allegedly used VPN services to appear closer to the victim’s location and avoid triggering automated security protections.
The incident has renewed concerns about the growing role of artificial intelligence in customer support and account recovery systems. Security experts warned that giving AI tools authority over sensitive account functions can create new attack paths when verification controls are not properly enforced.
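The control the experts describe can be sketched as a server-side gate that sits between the AI assistant and any account-changing action. This is an added example, not Meta's code and not part of the original report; the tool names, proof methods and the 10-minute freshness window are hypothetical assumptions.

```python
import time
from dataclasses import dataclass
from typing import Optional, Tuple

# Hypothetical tool names for actions that change who controls an account.
SENSITIVE_TOOLS = {"add_email", "change_email", "remove_2fa"}
# Hypothetical proof methods the backend accepts for those actions.
STRONG_METHODS = {"code_to_existing_email", "logged_in_session"}
MAX_PROOF_AGE_S = 600  # assumed freshness window for an ownership proof


@dataclass
class OwnershipProof:
    """Written by the authentication service, never by the chatbot."""
    account_id: str
    method: str
    issued_at: float


@dataclass
class ToolCall:
    """What the model asks the backend to do on the user's behalf."""
    name: str
    account_id: str
    args: dict


def authorize(call: ToolCall, proof: Optional[OwnershipProof],
              now: float) -> Tuple[bool, str]:
    """Deny-by-default check evaluated before any tool runs."""
    if call.name not in SENSITIVE_TOOLS:
        return True, "non-sensitive tool"
    if proof is None:
        return False, "no ownership proof for this session"
    if proof.account_id != call.account_id:
        return False, "proof is for a different account"
    if proof.method not in STRONG_METHODS:
        return False, "proof method too weak for account changes"
    if now - proof.issued_at > MAX_PROOF_AGE_S:
        return False, "ownership proof expired"
    return True, "verified owner"


if __name__ == "__main__":
    now = time.time()
    # Constructed request: the model's output alone carries no authority.
    call = ToolCall("add_email", "acct-123", {"email": "new@example.com"})
    print(authorize(call, None, now))
    print(authorize(call, OwnershipProof("acct-123", "code_to_existing_email", now - 30), now))
```

The decision depends only on state the authentication service wrote, so nothing said in the chat can satisfy the check.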
Meta said it has patched the vulnerability, restored affected accounts where possible and implemented additional safeguards to prevent similar abuse. The company also acknowledged the broader impact of the incident, confirming that the number of compromised accounts reached approximately 20,000.
Users are being encouraged to review account security settings, ensure recovery information is accurate and monitor accounts for unauthorized changes, particularly if they experienced unusual login activity during the period when the flaw was active.






