{"id":730955,"date":"2026-06-02T10:21:39","date_gmt":"2026-06-02T07:21:39","guid":{"rendered":"https:\/\/buradabiliyorum.com\/en\/hackers-hijacked-instagram-accounts-by-asking-metas-own-ai-chatbot-to-reset-the-password-3\/"},"modified":"2026-06-02T10:21:39","modified_gmt":"2026-06-02T07:21:39","slug":"hackers-hijacked-instagram-accounts-by-asking-metas-own-ai-chatbot-to-reset-the-password-3","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/hackers-hijacked-instagram-accounts-by-asking-metas-own-ai-chatbot-to-reset-the-password-3\/","title":{"rendered":"Hackers hijacked Instagram accounts by asking Meta&#8217;s own AI chatbot to reset the password"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_84 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-6a21ed7c8b1d4\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #dd3333;color:#dd3333\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #dd3333;color:#dd3333\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-6a21ed7c8b1d4\" checked aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/buradabiliyorum.com\/en\/hackers-hijacked-instagram-accounts-by-asking-metas-own-ai-chatbot-to-reset-the-password-3\/#TLDR\" >TL;DR<\/a><\/li><\/ul><\/nav><\/div>\n<div id=\"article-main-content\">\n<div class=\"postContent-tldr\">\n<h4 class=\"postContent-offsetTitle\"><span class=\"ez-toc-section\" id=\"TLDR\"><\/span>TL;DR<span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p><em>Hackers tricked Meta\u2019s AI support chatbot into adding their email to victims\u2019 Instagram accounts and resetting passwords. No victim email access needed.<\/em><\/p>\n<\/div>\n<p><a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/techcrunch.com\/2026\/06\/01\/hackers-hijacked-instagram-accounts-by-tricking-meta-ai-support-chatbot-into-granting-access\/\" target=\"_blank\" rel=\"nofollow noopener\">Hackers hijacked Instagram accounts over the weeken<\/a>d by tricking Meta\u2019s own AI-powered support chatbot into granting them access. The attack required no access to the victim\u2019s email, no phishing link, and no malware. The hacker simply asked the chatbot to add a new email address to someone else\u2019s account.<\/p>\n<p>A video posted on X showed the step-by-step process. The hacker used a VPN to spoof the target\u2019s presumed location, avoiding Instagram\u2019s automated account protections. They then opened a chat with Meta AI Support Assistant and asked the bot to add a new email address to the target\u2019s account.<\/p>\n<p>The chatbot sent a verification code to the hacker\u2019s email address. The hacker shared the code back with the chatbot. The bot then displayed a \u201cReset Password\u201d button. The hacker entered a new password and took over the account.<\/p>\n<div class=\"inarticle-wrapper latest channel-cta hs-embed-tnw\">\n<div id=\"hs-embed-tnw\" class=\"channel-cta-wrapper\">\n<div class=\"channel-cta-img\"><img decoding=\"async\" class=\"js-lazy\" src=\"https:\/\/media.thenextweb.com\/hardfork-2018\/uploads\/visuals\/tnw-newsletter.png\"\/><\/div>\n<p><img decoding=\"async\" src=\"https:\/\/media.thenextweb.com\/hardfork-2018\/uploads\/visuals\/tnw-newsletter.png\"\/><\/p>\n<div class=\"channel-cta-input\">\n<p class=\"channel-cta-title\">The \ud83d\udc9c of EU tech<\/p>\n<p class=\"channel-cta-tagline\">The latest rumblings from the EU tech scene, a story from our wise ol&#8217; founder Boris, and some questionable AI art. It&#8217;s free, every week, in your inbox. Sign up now!<\/p>\n<\/div>\n<\/div>\n<\/div>\n<p>At no point did the hacker need to access the legitimate email address linked to the victim\u2019s Instagram account. TechCrunch verified that the hacker\u2019s public email mailbox, displayed in the video, received the verification code. The attack exploited a fundamental flaw: the AI chatbot treated the person it was talking to as the account owner without verifying their identity.<\/p>\n<p>The compromised accounts included the Obama-era White House Instagram handle, which had been inactive since 2017, and the account of US Space Force Chief Master Sergeant John Bentivegna. Security researcher Jane Wong said her account was also taken over.<\/p>\n<p>\u201c<em>The password got changed without my knowledge and I was getting different password reset attempts throughout yesterday,<\/em>\u201d Wong said. \u201c<em>Quite concerning.<\/em>\u201d Multiple users on <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/social-mediaa\/\" data-internallinksmanager029f6b8e52c=\"1\" title=\"Social Media\" target=\"_blank\" rel=\"noopener\">Reddit<\/a> and X reported similar hijackings over the same weekend.<\/p>\n<p>Instagram spokesperson Andy Stone said on Monday that the issue was fixed. It is unclear how many accounts were compromised. Meta did not respond to TechCrunch\u2019s request for comment.<\/p>\n<p>The attack is a textbook example of why deploying AI chatbots with account-level permissions is dangerous. Salesforce\u2019s Agentforce customers have been reluctant to let AI agents take financially meaningful actions precisely because of this risk. Analyst Rebecca Wettemann described the fear as \u201c<em>the AI running off in the middle of the night and refunding a bunch of transactions.<\/em>\u201d Meta gave its AI the ability to reset passwords, and the AI did exactly what it was asked to do, for the wrong person.<\/p>\n<p>The AI agent security landscape is producing new categories of vulnerability faster than companies can address them. OpenClaw\u2019s Claw Chain exploit weaponised an agent\u2019s own sandbox privileges. This Instagram attack weaponised an AI support bot\u2019s account management privileges. The common thread: when an AI agent has the authority to act, the security of the system depends entirely on whether the agent can verify who is asking it to act.<\/p>\n<p>The Meta AI Support Assistant was designed to reduce the cost of human customer service. It succeeded at that. It also created an attack surface that human support agents would not have: a human agent would have verified the caller\u2019s identity before adding a new email to an account. The chatbot did not.<\/p>\n<p>This is the third high-profile AI deployment failure in a single week. Starbucks scr<a href=\"https:\/\/buradabiliyorum.com\/en\/category\/download-scripts-themes-apps\/\" data-internallinksmanager029f6b8e52c=\"9\" title=\"Download Scripts &amp; Themes &amp; Apps\" target=\"_blank\" rel=\"noopener\">app<\/a>ed its AI inventory system after nine months of miscounts. Waymo\u2019s flood recall failed within two weeks. Meta\u2019s AI chatbot gave hackers the keys to Instagram accounts. The pattern is consistent: AI systems deployed at scale fail in ways their designers did not anticipate, and the failures are more consequential than the efficiencies they were built to deliver.<\/p>\n<\/p><\/div>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMN63nwsw68G3Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more like this article, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/buradabiliyorum.com\/en\/category\/technology\/\" target=\"_blank\" >Technology category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/thenextweb.com\/news\/hackers-tricked-meta-ai-chatbot-instagram-account-hijack\" target=\"_blank\" >Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>TL;DR Hackers tricked Meta\u2019s AI support chatbot into adding their email to victims\u2019 Instagram accounts and resetting passwords. No victim email access needed. Hackers hijacked Instagram accounts over the weekend by tricking Meta\u2019s own AI-powered support chatbot into granting them access. The attack required no access to the victim\u2019s email, no phishing link, and no&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"","fifu_image_alt":"","footnotes":""},"categories":[18],"tags":[],"class_list":["post-730955","post","type-post","status-publish","format-standard","hentry","category-technology"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/730955","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=730955"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/730955\/revisions"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=730955"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=730955"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=730955"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}