Meta Patches Vulnerability Allowing AI Chatbot to Hijack Instagram Accounts

Source: TechCrunch

Instagram has addressed a critical security flaw that enabled unauthorized actors to hijack user accounts by manipulating Meta’s automated AI support chatbot. The exploit allowed attackers to bypass standard security protocols by tricking the AI into associating a new email address with a victim's account. By spoofing the target's location via VPN and providing the AI with a malicious email, hackers were able to trigger password reset prompts and seize control of accounts without ever needing access to the original credentials.

The vulnerability gained significant attention after high-profile accounts, including those belonging to the Obama-era White House and the U.S. Space Force’s chief master sergeant, were compromised. Security researchers and affected users documented the process, highlighting how the chatbot’s automated verification flow failed to adequately authenticate the request, effectively granting the attacker administrative-level access to the victim's profile.

This incident underscores the growing risks associated with integrating AI-driven support tools into sensitive account management systems. While Meta has confirmed that the specific exploit has been patched, the event serves as a stark reminder of the potential for 'prompt injection' or social engineering attacks against AI agents. As companies increasingly rely on AI to handle customer support and account recovery, ensuring these systems have robust, human-in-the-loop verification remains a vital challenge for cybersecurity teams.
