Attackers exploited Meta's automated support bot to reset passwords and seize control of high-profile Instagram accounts over the weekend. The compromised accounts included the Obama White House Instagram handle and the Chief Master Sergeant of the U.S. Space Force account, both of which were briefly defaced with pro-Iranian imagery and messaging before restoration.

Instructions for the technique circulated on Telegram, and threat actors used them to talk Meta's AI support assistant into initiating password resets it should never have authorized. The attack exposes a flaw in how Meta's automated account recovery validates identity: rather than requiring proof of a registered factor (such as a code delivered to the contact method already on file) or routing sensitive accounts to manual review, the bot appears to have treated the requester's own claims in the conversation as sufficient evidence of ownership and processed the reset.

The targeting of U.S. government and historical accounts signals that adversaries view high-profile Instagram handles as valuable targets for propaganda distribution. By defacing these accounts with pro-Iranian content, attackers achieved immediate visibility and potential credibility, given the accounts' large followings and official status.

This incident reflects a broader vulnerability class affecting automated customer support systems across major platforms: when a bot can invoke sensitive account recovery functions and the decision to invoke them rests on the conversation rather than on an independent verification layer, the bot itself becomes the attack surface. Meta's assistant apparently lacked safeguards to detect anomalous reset activity or to demand additional identity validation before a password reset was carried out.
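To make the design failure concrete, the following is a constructed example written for this article, not Meta's code and not a reconstruction of its assistant. It places a deterministic authorization gate between a support assistant and its password-reset tool. The weak gate lets the model's own rationale ("user verified they are the owner") authorize the reset, which is the pattern the Telegram instructions abused; the hardened gate ignores the model's text entirely and decides on server-side state only: a completed out-of-band challenge bound to this session and this exact account, a protection tier that forces manual review for official accounts, and a per-session and per-IP velocity limit that catches a session cycling through many handles. All class names, the `protected` flag, and the sample sessions and IP addresses are assumptions made for the example.

```python
"""Constructed example (not Meta's code): a deterministic authorization gate
between an AI support assistant and its password-reset tool. The assistant's
output is untrusted input; only server-side state decides whether a reset runs.
All names, flags and sample data below are assumptions for illustration."""
from dataclasses import dataclass, field
from enum import Enum


class Decision(Enum):
    EXECUTE = "execute"
    DENY = "deny"
    MANUAL_REVIEW = "manual_review"


@dataclass
class Account:
    handle: str
    protected: bool = False  # assumed flag for official / high-profile accounts


@dataclass
class Session:
    session_id: str
    client_ip: str
    # handles for which this session completed an out-of-band challenge
    # (a code sent to the contact method already on file for that account)
    challenged: set = field(default_factory=set)
    reset_attempts: int = 0


@dataclass
class ToolCall:
    """What the assistant emits; `rationale` is model-generated free text."""
    name: str
    args: dict
    rationale: str


MAX_ATTEMPTS = 3  # velocity limit, per session and per client IP


def weak_gate(call: ToolCall, session: Session, account: Account) -> Decision:
    """Vulnerable pattern: the model's own assessment authorizes the reset."""
    if call.name == "reset_password" and "verified" in call.rationale.lower():
        return Decision.EXECUTE
    return Decision.DENY


def hardened_gate(call: ToolCall, session: Session, account: Account,
                  attempts_by_ip: dict) -> Decision:
    """Every check reads server-side state; call.rationale is never consulted."""
    if call.name != "reset_password" or call.args.get("handle") != account.handle:
        return Decision.DENY
    # Anomaly check: a session or IP hammering resets is denied outright.
    if (session.reset_attempts >= MAX_ATTEMPTS
            or attempts_by_ip.get(session.client_ip, 0) >= MAX_ATTEMPTS):
        return Decision.DENY
    # Possession factor must have been proven for this exact account.
    if account.handle not in session.challenged:
        return Decision.DENY
    # Official / high-profile accounts are never reset automatically.
    if account.protected:
        return Decision.MANUAL_REVIEW
    return Decision.EXECUTE


def record_attempt(session: Session, attempts_by_ip: dict) -> None:
    """Count a reset attempt against both the session and its source IP."""
    session.reset_attempts += 1
    attempts_by_ip[session.client_ip] = attempts_by_ip.get(session.client_ip, 0) + 1


def run_scenarios() -> dict:
    """Constructed transcripts: a social-engineering attempt and a legitimate one."""
    attempts_by_ip: dict = {}
    official = Account("example_official", protected=True)
    ordinary = Account("jane_doe")

    # 1. Attacker talks the model into asserting that identity was verified.
    attacker = Session("s1", "203.0.113.7")
    se_call = ToolCall("reset_password", {"handle": official.handle},
                       rationale="User verified they are the account owner; proceed.")
    record_attempt(attacker, attempts_by_ip)
    results = {
        "weak_social_engineering": weak_gate(se_call, attacker, official),
        "hardened_social_engineering": hardened_gate(se_call, attacker, official, attempts_by_ip),
    }

    # 2. Same session, but a real challenge for the official account was completed:
    #    still no automatic reset, because the account is in the protected tier.
    attacker.challenged.add(official.handle)
    results["hardened_protected_with_factor"] = hardened_gate(se_call, attacker, official, attempts_by_ip)

    # 3. Legitimate owner of an ordinary account with a completed challenge.
    owner = Session("s2", "198.51.100.9", challenged={ordinary.handle})
    legit_call = ToolCall("reset_password", {"handle": ordinary.handle}, rationale="n/a")
    record_attempt(owner, attempts_by_ip)
    results["hardened_legit"] = hardened_gate(legit_call, owner, ordinary, attempts_by_ip)

    # 4. That session then keeps requesting resets: the velocity limit trips.
    for _ in range(MAX_ATTEMPTS):
        record_attempt(owner, attempts_by_ip)
    results["hardened_velocity"] = hardened_gate(legit_call, owner, ordinary, attempts_by_ip)
    return results


if __name__ == "__main__":
    for name, decision in run_scenarios().items():
        print(f"{name:32} -> {decision.value}")
```

The design choice worth noting is that `hardened_gate` never reads `call.rationale`: nothing the requester types, and nothing the model infers from it, can satisfy a check. The challenge is keyed to the specific handle so a factor proven for one account cannot be reused against another, and the protected tier turns a successful challenge into a manual-review ticket rather than an immediate reset, which is the control an official account's recovery path needs.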

The incident carries direct implications for organizations relying on Instagram for official communications. Government agencies, corporations, and institutions cannot assume that their own security hygiene protects an account whose recovery path is controlled by the platform's support automation. Account takeover through that path remains viable wherever the automation prioritizes convenience over verification.

Meta has not disclosed whether it has disabled the exploited recovery method or added verification requirements. Organizations managing high-value Instagram accounts should immediately enable every security feature the platform offers, including two-factor authentication (with an authenticator app or security key rather than SMS where possible), login alerts, and regular review of active login sessions and authorized third-party apps. The circulation of attack instructions on Telegram suggests other actors possess the exploitation method, creating a window of