Hackers Exploit Meta's AI Chatbot to Hijack Instagram Accounts
Hackers turned Meta’s own AI support chatbot into a break-in tool for Instagram, exposing how automating sensitive security tasks with artificial intelligence can make attacks both simpler and more damaging.
How the exploit unfolded
Meta rolled out its AI-powered support assistant in March 2026 with the promise to “resolve account issues from start to finish,” including resetting passwords and helping users regain access to accounts. Within weeks, hackers discovered that the bot would change the email on an Instagram account without verifying the identity of the person it was talking to.
Over a weekend in late May, attackers began using a VPN to mimic victims’ locations, opened a chat with Meta’s AI Support Assistant, and simply asked it to add their own email address to someone else’s profile. In a Telegram video, a hacker demonstrated they could “link a new email address” to a target account and then hit a “Reset Password” button, locking out the real owner.
The vulnerability meant “no phishing link, no malware, no SIM swap” was required; the chatbot treated whoever it was chatting with as the account owner.
High-profile and lucrative targets
The technique quickly spread through Telegram channels, where stolen “OG” single-word or single-letter usernames were advertised for sale. Among the accounts reportedly compromised were the dormant Obama White House Instagram profile, later used to post pro-Iran content, and those of US Space Force Chief Master Sergeant John Bentivegna, beauty retailer Sephora, and security researcher Jane Manchun Wong, who said her password “got changed without my knowledge.”
Meta’s response and ongoing concerns
Meta spokesperson Andy Stone said on Monday that “the issue that did happen has already been fixed.” Yet reports of hijackings continued the next day, with hackers claiming the exploit still worked.
Security experts argue the incident shows AI itself is becoming an attack surface. One analysis noted that attackers simply asked the AI customer support agent to link accounts to email addresses they controlled, and “the agent complied,” calling this a “practically mindless” exploit compared with sophisticated AI-enabled hacks.
Critics on social media called it “disaster from Meta AI,” questioning why a support bot was allowed to “perform critical actions like changing the email address of an account” at all.
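The control at issue in the critics' question, and missing in the flaw described under "How the exploit unfolded", sketched as an added example (not Meta's code and not part of the original article): a gate between the model and its account tools that takes identity only from the authenticated session and requires fresh re-verification before sensitive actions. The tool names, the `Session` fields and the five-minute window are assumptions.

```python
from __future__ import annotations
import time
from dataclasses import dataclass
from typing import Optional

# Hypothetical tool names; the article names only the email change and password reset.
SENSITIVE = {"change_email", "reset_password"}
STEP_UP_MAX_AGE = 300  # assumed policy: seconds a completed re-verification stays valid

@dataclass(frozen=True)
class Session:
    """Facts set by the platform's login layer, never derived from chat text."""
    account_id: Optional[str]    # None means the chat is unauthenticated
    step_up_at: Optional[float]  # time of last challenge passed via a contact already on file

@dataclass(frozen=True)
class ToolCall:
    """What the model asks to do; both fields are untrusted, user-influenced input."""
    name: str
    target_account: str

def authorize(session: Session, call: ToolCall, now: Optional[float] = None) -> tuple[bool, str]:
    """Decide a tool call from session state alone; the model cannot vouch for the user."""
    now = time.time() if now is None else now
    if session.account_id is None:
        return False, "deny: unauthenticated chat cannot act on any account"
    if call.target_account != session.account_id:
        return False, "deny: target is not the authenticated account"
    if call.name in SENSITIVE:
        if session.step_up_at is None:
            return False, "step_up: challenge a contact already on file first"
        if now - session.step_up_at > STEP_UP_MAX_AGE:
            return False, "step_up: earlier verification has expired"
    return True, "allow"

if __name__ == "__main__":
    # Constructed sessions and requests, for illustration only.
    t = 1_000_000.0
    cases = [
        (Session(None, None), ToolCall("change_email", "acct_a")),
        (Session("acct_b", t), ToolCall("change_email", "acct_a")),
        (Session("acct_a", None), ToolCall("change_email", "acct_a")),
        (Session("acct_a", t - 60), ToolCall("change_email", "acct_a")),
        (Session("acct_a", None), ToolCall("show_help_article", "acct_a")),
    ]
    for session, call in cases:
        print(call.name, call.target_account, "->", authorize(session, call, now=t)[1])
```

Because the decision never reads the conversation, persuading the model changes nothing: a request that fails the gate is refused or routed to a challenge regardless of what the chat claims.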