Hackers Exploit Meta AI Bot to Hijack Obama Instagram

Hackers used Meta's AI-powered support chatbot to infiltrate high-profile Instagram accounts, including Barack Obama's White House account, the company confirmed on Monday. The breach also affected the beauty retailer Sephora and US Space Force chief master sergeant John Bentivegna, according to 404 Media. Everyday users reported similar hijackings on Reddit and X over the weekend.

Security researchers and hacking groups posted videos and screenshots on Telegram showing how to steal an account. One video shared on X appears to show a hacker instructing Meta's AI assistant to link the targeted account to a new email address. The bot then sends a verification code to that email and asks the hacker to input the numbers in the chat interface. Once the correct code is entered, a button to reset the account's password appears.

In at least one instance, the hacker used a virtual private network to spoof the account holder's location and bypass Meta's safeguards. Meta stated: "This issue has been resolved, and we are securing impacted accounts." It is unclear how many accounts were affected.


The breach raises concerns about relying on AI for account-security functions such as password resets. Stolen account handles were reportedly listed for sale on Telegram. Meta rolled out the AI support assistant globally on Facebook and Instagram earlier this year, with capabilities including reporting scams and resetting passwords. The company has invested heavily in AI under Mark Zuckerberg, who has ordered a $145bn spend on AI infrastructure this year.

Aiden Sinnott, a principal threat researcher at Sophos, described the incident as a "prompt injection" attack, where attackers manipulate AI chatbots into carrying out malicious actions. "This type of attack will become increasingly common as more online services deploy these chatbots, often without adequate protections in place," he warned.
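The email-linking flow described above fails because the verification code is sent to the address supplied in the chat, so entering it proves nothing about ownership of the account. The sketch below is an added illustration, not part of the original report and not Meta's code: it contrasts that flow with a server-side check that only challenges a contact already on file. The `Account` model, the function names and the sample addresses are hypothetical.

```python
"""Constructed sketch: gating a support agent's 'link new email' tool call."""
import hmac
import secrets
from dataclasses import dataclass, field

OUTBOX = []  # (recipient, code) pairs; stands in for a mail gateway


@dataclass
class Account:
    handle: str
    verified_emails: set                          # contacts the owner already proved
    pending: dict = field(default_factory=dict)   # recipient -> outstanding code


def send_code(account, recipient):
    code = f"{secrets.randbelow(10**6):06d}"
    account.pending[recipient] = code
    OUTBOX.append((recipient, code))


def weak_link_email(account, requested_email):
    """Flow as reported: the challenge goes to the address named in the chat."""
    send_code(account, requested_email)
    return requested_email


def hardened_link_email(account, requested_email):
    """Challenge an existing verified contact; chat text cannot pick the recipient."""
    if not account.verified_emails:
        raise PermissionError("no verified contact on file; route to manual review")
    recipient = sorted(account.verified_emails)[0]
    send_code(account, recipient)
    return recipient


def confirm(account, recipient, submitted_code, new_email):
    """Attach new_email only if the code sent to `recipient` is presented."""
    expected = account.pending.pop(recipient, None)  # pop makes each code single-use
    if expected is None or not hmac.compare_digest(expected, submitted_code):
        return False
    account.verified_emails.add(new_email)
    return True
```

The decision about where the code is delivered is made in application code from stored account state, so no instruction given to the chatbot can redirect it.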
