
Instagram was hacked by the dumbest method, because of AI

winjer

Gold Member


Hackers tricked Meta's AI chatbot into handing over Instagram accounts

Thanks to its ability to reset accounts, hackers recently tricked Meta's AI support chatbot into changing the email addresses associated with other users' Instagram accounts. While Meta says it has resolved the issue, the vulnerability represents a shocking oversight on the company's part.
According to Telegram chat logs uncovered by 404 Media, hackers had been exploiting Meta's AI support chatbot to hijack Instagram accounts since the company introduced it in March. The records coincide with account takeovers involving high-profile figures, including former President Barack Obama and Space Force chief John Bentivegna.

Meta introduced the chatbot to help users quickly resolve issues concerning accounts, content, and misinformation. The assistant, available 24/7, can handle many requests without users ever interacting with a human.
However, fully automating support required Meta to grant the AI sweeping powers, including the ability to automatically fulfill account reset requests. Ironically, the company's press release introducing the chatbot touts its ability to detect remote account hijacking attempts by monitoring for sudden activity from new locations, password changes, and profile edits.

Hackers circumvented the security measure by simply using a VPN to match the target's general region. Then, they would ask the chatbot to send an account reset code for the target's username to an email address of their choosing.

App researcher and former Meta employee Jane Manchun Wong claimed that the method worked on accounts belonging to her and other high-profile users. Hackers primarily targeted usernames that include popular words or few characters, which have a high resale value.
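Added example, not part of the original post or of Meta's code: the article describes a chatbot that itself decided where a reset code went. The Python below shows one way to keep that decision out of the model, with a policy check in ordinary code between the model's tool request and the account system. The tool names, account store and addresses are hypothetical and constructed for illustration.

```python
from __future__ import annotations
from dataclasses import dataclass

@dataclass(frozen=True)
class ToolCall:
    tool: str         # "send_reset_code" or "change_email" (hypothetical names)
    username: str     # account the model says the request is about
    destination: str  # e-mail address taken from the chat text (untrusted)

# Constructed sample account store: addresses the owner already verified.
VERIFIED_CONTACTS = {"shortname": {"owner@example.com"}}

def authorize(call: ToolCall, session_user: str | None) -> tuple[bool, str]:
    """Decide a tool call outside the model.

    session_user is the account the chat session is logged in as, or None
    for an anonymous chat. Returns (allowed, reason).
    """
    contacts = VERIFIED_CONTACTS.get(call.username)
    if contacts is None:
        return False, "unknown account"
    dest = call.destination.strip().lower()
    if call.tool == "send_reset_code":
        # Recovery is unauthenticated by nature, so a code may only go to
        # an address already verified on the account, never a new one.
        if dest in contacts:
            return True, "verified contact"
        return False, "destination not on file"
    if call.tool == "change_email":
        # Changing a contact point needs a session for that same account.
        if session_user == call.username:
            return True, "owner session"
        return False, "not authenticated as account owner"
    return False, "tool not allowed"

def demo() -> list[tuple[bool, str]]:
    """The two requests from the article, then two legitimate ones."""
    calls = [
        (ToolCall("send_reset_code", "shortname", "attacker@example.net"), None),
        (ToolCall("change_email", "shortname", "attacker@example.net"), None),
        (ToolCall("send_reset_code", "shortname", "Owner@Example.com"), None),
        (ToolCall("change_email", "shortname", "new@example.com"), "shortname"),
    ]
    return [authorize(call, user) for call, user in calls]

if __name__ == "__main__":
    for allowed, reason in demo():
        print("ALLOW" if allowed else "DENY ", reason)
```

The region of the requester plays no part in the decision, so matching the owner's location with a VPN changes nothing here.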


 
This is a growing trend I've been seeing a lot in the IT / security industry. These companies are trying to save money by hiring people who know how to use AI (aka anyone / people without a strong background), rather than people who know how to program correctly. AI is shockingly bad at giving confidently incorrect answers or terrible spaghetti code or mockup code that, to the untrained "programmer", just gets copy / pasted into a production system with zero oversight.

AI usage also seems to have eroded most people's critical thinking skills - as SJRB said, anyone who would have looked at this functionality with any amount of scrutiny for human behavior patterns would have been able to predict this outcome.
 
It's not even bad coding I think, it's that you can't actually predict what an AI is going to do. As soon as they gave the AI the ability to recover an account they opened themselves up to this, no matter what quality of coding they have. Human support can also get tricked into turning over accounts, but it would take a lot more effort than this - and you can more reliably train humans to not fall for it again.
 
Neogaf really should have its own chatbot.
But what should we call it? 🤔

My only request is that it has a bro personality. 100% bro culture.
 
I told people about something similar. I have my court hearing with Meta Platforms on July 2nd as it's affecting my business.

 