What Happened: An AI Shortcut to Instagram Account Takeovers
Meta’s AI support chatbot vulnerability was a security flaw that allowed attackers to hijack Instagram accounts by persuading the automated assistant to change recovery details and reset passwords without confirming the real owner’s identity. The incident involved Instagram’s "Get Support" AI assistant, which appeared when attackers clicked “forgot password” on the login page after connecting from the same region as the victim using a VPN. Instead of following the normal password reset flow, hackers typed custom prompts, asking the chatbot to send reset codes or add a new email address controlled by the attacker. Videos posted on Telegram and X showed the bot sending 8-digit verification codes to attacker mailboxes, which were then used to set new passwords. This turned Instagram account security on its head: a bot meant to help users recover access became a tool for silent account takeover.
How the Password Reset Exploit Worked Step by Step
The password reset exploit combined location spoofing, social engineering of the AI bot, and misplaced trust in automated support flows. Attackers first used a VPN to route traffic through the same region as the target account, helping bypass some automated protections on Instagram’s login page. After selecting “forgot password” and entering the victim’s username, they clicked the “Get Support” button to open Meta’s AI support chatbot. Normally, the bot offers to send a password reset code to the owner’s email or phone. Instead, attackers typed prompts that requested the code be sent to a new email address, or asked the bot to add an attacker-controlled email as a recovery contact. According to TechCrunch’s reporting cited by Digital Trends, the verification code was sent to the hacker’s public email inbox, which the bot then accepted as proof to unlock a password reset button.
What the AI Chatbot Vulnerability Reveals About Security Gaps
This AI chatbot vulnerability exposed how an automated assistant can quietly undermine account hijacking prevention when granted privileged access to password reset tools. Traditional customer support agents are trained and audited to follow strict verification rules before changing emails or resetting credentials. The AI bot, on the other hand, interpreted text prompts too literally and treated the attacker’s requests as valid instructions. Meta’s own systems effectively allowed the bot to override safeguards that were designed for human agents. 404Media and others noted signs that versions of this exploit may have been possible for months, suggesting the flaw sat unnoticed in a sensitive workflow. Some Telegram users said the exploit failed on accounts with multi-factor authentication, while others reported losing accounts despite 2FA, highlighting how inconsistent protections can be when AI logic and security checks are not tightly aligned.
Meta’s Fix and What Users Can Do Now
Meta has patched the Meta security flaw, removed the known password reset exploit path, and is securing affected Instagram accounts, including high-profile ones like the former White House account and major brands. Instagram spokesperson Andy Stone confirmed the issue is fixed, but it remains unclear how many users lost access before the patch. Some victims are still struggling to reclaim accounts, underscoring how slow recovery can be once an attacker changes passwords and recovery emails. For personal Instagram account security, users should enable two-factor authentication, monitor login alerts, and regularly review connected email addresses and phone numbers. If you see unfamiliar password reset attempts, revoke active sessions and update passwords immediately. The incident is a warning: when AI is embedded into account recovery, any logic error or prompt misinterpretation can become a direct path to account takeover, so users must rely on layered defenses, not a single safeguard.
