Hackers hijacked Instagram accounts by tricking Meta AI support chatbot into granting access

The increasing integration of artificial intelligence into customer support systems has brought both convenience and new vulnerabilities. Recent events have shown that AI, while designed to streamline processes and improve user experience, can be exploited if not properly secured. In a concerning development, hackers managed to hijack Instagram accounts by manipulating Meta’s AI-powered support chatbot into granting them access to sensitive account functions.

This exploit highlights a critical flaw in systems that rely heavily on AI for account management and verification. The attackers tricked the AI assistant into granting access to high-profile accounts, including those of the U.S. Space Force’s chief master sergeant and the Obama-era White House. Security researcher Jane Wong also confirmed that her account was among those compromised.

How the Hack Worked

The attack began with hackers using a VPN to spoof user locations, effectively bypassing Instagram’s automated protections that detect suspicious activity. Once inside the chat, the attackers asked the AI to add a new email address to the victim’s account. This triggered the system to send a verification code to the hacker’s inbox instead of the user’s. The process was documented in a viral X post, showing the AI assistant sending the code, which the hacker then returned to the bot.

This allowed the chatbot to display a “Reset Password” button, enabling the attackers to change the account password and gain full control. Notably, the hack did not require the attackers to breach the user’s existing email or password — just the AI’s ability to process and act on false information.
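The logic flaw described above, modelled as an added example that is not Meta's code: a verification code only proves control of the address it was delivered to, so a code sent to a newly supplied address must never count as proof of account ownership. The class names, method names and addresses below are hypothetical and constructed for illustration.

```python
import secrets
from dataclasses import dataclass, field

@dataclass
class Account:
    handle: str
    contacts: set                      # addresses bound to the account before the chat

@dataclass
class SupportSession:                  # hypothetical model of one support chat
    account: Account
    sent: dict = field(default_factory=dict)   # code -> address it was delivered to
    owner_verified: bool = False

    def send_code(self, address: str) -> str:
        code = secrets.token_hex(4)
        self.sent[code] = address      # a real system delivers this out of band
        return code

    def weak_add_email(self, new_email: str, code: str) -> bool:
        # Flawed: a code echoed back from the requester's own new address
        # is treated as proof of account ownership.
        if self.sent.get(code) == new_email:
            self.account.contacts.add(new_email)
            self.owner_verified = True
        return self.owner_verified

    def verify_owner(self, code: str) -> bool:
        # Hardened: only a code delivered to a pre-existing contact counts.
        if self.sent.pop(code, None) in self.account.contacts:
            self.owner_verified = True
        return self.owner_verified

    def hardened_add_email(self, new_email: str, code: str) -> bool:
        # Changing contacts requires prior owner verification; confirming the
        # new address never upgrades the session by itself.
        if not self.owner_verified or self.sent.pop(code, None) != new_email:
            return False
        self.account.contacts.add(new_email)
        return True

def demo() -> dict:
    new, owner = "new@example.net", "owner@example.com"   # constructed sample addresses
    r = {}
    s = SupportSession(Account("victim", {owner}))
    r["weak"] = s.weak_add_email(new, s.send_code(new))
    s = SupportSession(Account("victim", {owner}))
    r["hardened_unverified"] = s.hardened_add_email(new, s.send_code(new))
    r["owner_ok"] = s.verify_owner(s.send_code(owner))
    r["hardened_verified"] = s.hardened_add_email(new, s.send_code(new))
    return r
```

In the weak flow the session becomes "verified" without any proof tied to the existing account; in the hardened flow the same request is refused until a code sent to a contact already on file has been returned.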

The Growing Risk of AI Exploitation

This incident underscores a growing vulnerability in AI systems that are increasingly responsible for handling sensitive tasks like password resets and account verification. While AI can improve efficiency and reduce human error, it also introduces new risks when not properly safeguarded against adversarial manipulation.

Security experts are now urging companies to implement multi-factor authentication (MFA) for AI interactions and to enhance anomaly detection systems to flag suspicious behavior. The incident has reignited discussions about the need for stricter validation mechanisms in AI-driven support systems, as current protocols often rely on automated verification through email or SMS — which can be bypassed by exploiting the AI’s trust in user input.

Meta’s Response and the Need for Transparency

Meta responded swiftly to the issue. On Monday, Instagram’s spokesperson, Andy Stone, confirmed that the problem had been resolved following reports from users and security researchers. However, the lack of transparency around the number of affected accounts has raised concerns about the scale of the breach and whether similar exploits could be carried out on other Meta platforms.

The implications of this attack extend beyond Instagram. As AI becomes more integrated into customer service, finance, and identity verification, the potential for abuse grows. The exploit demonstrates how a system designed for convenience can become a gateway for malicious actors if not adequately protected.

A Wake-Up Call for the Tech Industry

This breach serves as a stark reminder that trust in AI is not just a matter of convenience — it is a matter of security. Companies deploying AI in customer-facing roles must now consider not only the benefits of automation but also the risks of adversarial input and the potential for large-scale account compromises.

As AI continues to evolve, so too must the frameworks that govern its use. The future of AI integration in digital services depends on the balance between innovation and protection — a balance that has never been more crucial. The incident highlights the urgent need for caution and innovation in the development and deployment of AI technologies.