Hackers Hijacked Instagram Accounts by Tricking Meta AI Support Chatbot
Major Security Breach on Instagram 🚨
Instagram has resolved a significant security issue that allowed several users’ accounts to be hacked. The attack relied on tricking Meta’s AI-powered support chatbot into granting access to a victim’s account. Over the weekend, numerous users on Reddit reported that their Instagram accounts had been compromised, with warnings of similar account hijackings surfacing on X.
The compromised accounts included notable handles, such as the Obama-era White House account, which has been inactive since 2017, and the account of the U.S. Space Force’s Chief Master Sergeant John Bentivegna. Security researcher Jane Wong also reported her Instagram account being taken over, stating, “The password got changed without my knowledge, and I was receiving different password reset attempts throughout yesterday. Quite concerning.”
A video shared on X demonstrated the step-by-step process used to hack someone’s Instagram account. The hacker allegedly utilized a VPN to spoof the target’s presumed location, avoiding Instagram’s automated account protections. They then engaged with the Meta AI Support Assistant, requesting the bot to add a new email address to the target’s account. The chatbot sent a verification code to the email address provided by the hacker, who then shared this code with the chatbot, prompting it to display a button to “Reset Password.” The hacker entered a new password, successfully taking over the victim’s account. TechCrunch verified that the hacker’s public email mailbox, shown in the video, received the verification code.
This attack was particularly concerning as the hacker did not need to take over the legitimate email address linked to the victims’ Instagram accounts. On Monday, Instagram spokesperson Andy Stone confirmed that the issue has now been fixed. However, it remains unclear how many users had their accounts improperly accessed.
For more details, check out the full article here: Read full article