Indonesian Political, Business & Finance News

Hackers steal Instagram accounts by exploiting Meta's AI chatbot vulnerability

| Source: ANTARA_ID Translated from Indonesian | Technology
Hackers steal Instagram accounts by exploiting Meta's AI chatbot vulnerability
Image: ANTARA_ID

A number of Instagram accounts have been reported hijacked after hackers successfully deceived Meta’s artificial intelligence-based help service, the Meta AI Support Assistant, to gain access to victims’ accounts.

According to reports from TechCrunch on Monday (1/6) local time, reports regarding this security vulnerability emerged after several users on the Reddit and X platforms claimed their Instagram accounts were taken over without permission. Affected accounts include the inactive White House Instagram account from the Barack Obama era, which has been dormant since 2017, as well as the account of US Space Force Chief Master Sergeant John Bentivegna. Cybersecurity researcher Jane Wong also claimed to be one of the victims in the incident.

To gain access to the victims’ Instagram accounts, hackers allegedly utilised the Meta AI Support Assistant chatbot to add new email addresses to the target accounts. In a recorded demonstration, the perpetrators first used a VPN service to disguise their location to avoid triggering Instagram’s automated protection systems. Following this, the perpetrators initiated a conversation with Meta’s AI chatbot and requested the addition of a new email address to the victim’s account.

The chatbot then sent a verification code to the email address provided by the hacker. Once the code was entered back into the chatbot, the system displayed an option to reset the account password. By changing the password, the perpetrators were able to take over the victims’ accounts without needing access to the original email address linked to the Instagram account.

Responding to the reports, Instagram spokesperson Andy Stone stated that the issue has been resolved. However, Meta has not disclosed the total number of Instagram users affected by these hacking activities.

View JSON | Print