Instagram alerts users targeted in AI chatbot hacking campaign
8 reported3 unconfirmed
A widespread hacking campaign that exploited Meta’s AI chatbot to take over Instagram accounts appears to have continued even after the company said the issue was fixed, according to TechCrunch. Over the weekend, hackers claimed to be using Meta’s AI support chatbot to hijack several high-profile Instagram accounts, and many users complained on social media about being hacked. The technique involved telling the chatbot that the hacker was the account owner and asking it to link the account to an email they controlled, allowing a password reset. Meta spokesperson Andy Stone said on Monday that “the issue that did happen has already been fixed,” but on Tuesday more users reported being hacked. TechCrunch saw discussions in a Telegram channel where the technique was publicized, with members claiming to still exploit the chatbot and advertising hacked handles for sale. Meta has begun notifying targeted users via email, warning of suspicious activity and asking them to reset passwords. Stone would not say how many users were hacked.
What’s reported
Hackers told Meta’s AI chatbot they were the account owner and asked it to link the account to an email they controlled, enabling a password reset.
No Meta employees or contractors were involved in the chat.
Meta spokesperson Andy Stone said on Monday that “the issue that did happen has already been fixed.”
On Tuesday, more Instagram users claimed to have been hacked.
TechCrunch saw Telegram channel members claiming to still exploit the chatbot and advertising hacked handles for sale.
Meta began notifying users via email that “suspicious activity” was detected and asked them to reset passwords.
Stone would not disclose how many users were hacked.
Meta announced in March it was implementing AI to automate support, including the ability to “reset your password securely.”
Open questions
How many users were hacked in total.
Whether the hacking technique has been fully resolved.
The exact number of high-profile accounts affected.
Key figures
Andy Stone, Meta spokesperson
John Bentivegna, U.S. Space Force chief master sergeant (account targeted)
Lorenzo Franceschi-Bicchierai, TechCrunch reporter
Sources: TechCrunch
