Hackers reportedly exploited a vulnerability involving Meta Platforms’ AI-powered support chatbot to take over celebrity and high-value Instagram accounts, according to security researchers.
The exploit was reportedly active for months before being patched, allowing attackers to steal and resell premium Instagram handles on the gray market.
How the exploit worked
Reports suggest attackers used a combination of VPN tools and account recovery flows to bypass basic verification steps.
They then interacted with Meta’s AI support chatbot, asking it to change the email address linked to targeted Instagram accounts.
By masking their locations and initiating password reset processes, attackers were able to manipulate the system into approving account changes.
High-value accounts targeted
Security researchers say the stolen accounts included rare and high-demand Instagram usernames, which were quickly resold for significant sums in underground markets.
Some reports estimate that certain handles were valued at hundreds of thousands of dollars, with short usernames being especially valuable due to scarcity and branding potential.
Experts described the issue as a form of prompt injection attack, where attackers manipulate an AI system using carefully crafted instructions.
Videos of the exploit circulated in hacker communities and security forums, raising concerns about how AI systems handle sensitive account operations.
Prominent cybersecurity researchers also claimed that similar compromises had been observed since earlier this year, affecting thousands of accounts.
Temporary compromises of high-profile accounts
In some cases, compromised accounts reportedly posted unauthorized content before access was restored.
Security researchers noted that even high-profile accounts were briefly affected during the exploitation window.
Role of two-factor authentication
Investigators noted that accounts with multi-factor authentication (MFA) were significantly more secure against the attack.
Even basic SMS-based verification helped block unauthorized access attempts in many cases.
Meta’s response and emergency fix
The vulnerability was reportedly patched by Meta on May 29 after increased public attention from researchers and security analysts.
Meta Platforms had previously promoted its AI support assistant as a tool designed to provide 24/7 automated help for account-related issues.
Broader security concerns around AI systems
Cybersecurity experts warn that the incident highlights risks in deploying AI systems with elevated permissions, especially when they can modify sensitive account data.
Researchers argue that stronger safeguards such as verification layers, rate limits, and anomaly detection are needed to prevent similar exploits in the future.
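The safeguards named above can be enforced outside the assistant, so that nothing typed into the chat can approve an email change. The sketch below is an added example, not Meta's code and not taken from the reports; every field name, threshold and signal in it is a hypothetical assumption.

```python
from dataclasses import dataclass, field

WINDOW_S = 3600      # assumed rate-limit window, in seconds
MAX_ATTEMPTS = 3     # assumed cap on sensitive requests per account per window

@dataclass
class ChangeRequest:             # hypothetical tool call emitted by a support assistant
    account: str
    new_email: str
    session_verified: bool       # set only by the auth service (code sent to current email or MFA device)
    via_anonymizer: bool         # IP reputation signal, e.g. VPN or proxy exit
    known_device: bool           # device previously seen on this account
    recent_password_reset: bool  # reset started shortly before this request
    ts: float                    # request time, seconds

@dataclass
class Gate:
    attempts: dict = field(default_factory=dict)  # account -> recent attempt timestamps

    def decide(self, r: ChangeRequest) -> str:
        # The chat transcript is deliberately not an input to this decision.
        recent = [t for t in self.attempts.get(r.account, []) if r.ts - t < WINDOW_S]
        recent.append(r.ts)
        self.attempts[r.account] = recent
        # Rate limit: every attempt counts, including denied ones.
        if len(recent) > MAX_ATTEMPTS:
            return "deny:rate_limited"
        # Verification layer: proof of control comes from the auth service only.
        if not r.session_verified:
            return "deny:unverified"
        # Anomaly detection: two or more risk signals go to a human reviewer.
        risk = sum([r.via_anonymizer, not r.known_device, r.recent_password_reset])
        if risk >= 2:
            return "review:anomalous"
        return "allow"

def demo():
    """Run constructed sample requests against one account and return the decisions."""
    g = Gate()
    mk = lambda v, a, k, p, ts: ChangeRequest("acct_a", "new@example.test", v, a, k, p, ts)
    reqs = [mk(False, True, False, True, 0.0), mk(True, True, False, True, 10.0),
            mk(True, False, True, False, 20.0), mk(True, False, True, False, 30.0),
            mk(True, False, True, False, 4000.0)]
    return [g.decide(r) for r in reqs]

if __name__ == "__main__":
    print(demo())
```

The design choice that matters is that the model can only submit a request; the allow decision depends on signals it cannot write.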







