Meta AI Bot Hijacks Instagram Accounts: Security Flaw

Hackers recently used Meta’s AI support assistant to seize Instagram accounts, including those for the Obama White House and the Chief Master Sergeant of the U.S. Space Force. These accounts were briefly defaced with pro-Iranian images and messages. Instructions on how to trick the AI bot began circulating on Telegram. The method involved using a VPN near the target's hometown, requesting a password reset, and then telling the AI assistant to link the account to a new email address. The bot then sent a one-time code to that new address, allowing a password reset. Hackers claim to have used this exploit to hijack valuable Instagram accounts, some with a resale value of over half a million dollars. Meta has not commented on the video claims, but a Meta spokesperson stated the issue was resolved and impacted accounts were being secured. An emergency patch was reportedly pushed over the weekend, with no back-end database breach. Experts warn that AI chatbots create new attack surfaces, making online accounts vulnerable to social engineering. This highlights the growing importance of using strong multi-factor authentication for all your online accounts.