Hackers Used Meta’s AI Support Bot to Seize Instagram Accounts
Key Takeaways
- Meta’s AI support bot was tricked into adding a new email address
- Hackers obtained password reset codes via one‑time email links
- Patch deployed; no backend database breach reported
- MFA, especially passkeys, would have blocked the exploit
Pulse Analysis
The Instagram incident highlights a growing security blind spot: AI‑powered customer support tools that handle sensitive account recovery tasks. Meta introduced the conversational assistant to streamline password resets and reduce support latency, but the bot’s willingness to follow user instructions without rigorous verification created a vector for social engineering. Attackers used a VPN to appear near the target’s location, then asked the AI to link a new email address, which triggered an automated one‑time code that unlocked the account. This method sidestepped traditional human verification steps, showing how automation can inadvertently lower security thresholds.
Industry analysts see this as a warning sign for any platform that outsources identity verification to AI. As Ian Goldin of Black Lotus Labs notes, AI chatbots inherit the same susceptibility to persuasion as human agents, but at scale and with fewer safeguards. The episode could accelerate scrutiny from regulators and privacy advocates, prompting tighter standards for AI‑driven authentication workflows. Companies may need to embed additional challenge‑response checks, rate‑limit email changes, and enforce mandatory multi‑factor authentication before any AI‑mediated reset is completed.
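The provider-side controls named above (a challenge-response check, rate-limited email changes, MFA before an AI-mediated change) can sit in a deterministic gate in front of the bot's action rather than in the bot's judgment. This is an added example, not Meta's code; the class names, the 24-hour window, the one-change limit and the `existing_contact_otp` label are assumptions.

```python
import time
from dataclasses import dataclass, field
from typing import Optional

WINDOW_S = 24 * 3600   # assumed rate-limit window for contact changes
MAX_CHANGES = 1        # assumed number of changes allowed per window

@dataclass
class Account:
    enrolled_factors: set                 # e.g. {"passkey"}; empty if no MFA
    change_times: list = field(default_factory=list)

@dataclass
class Session:
    geo_near_owner: bool = False          # spoofable with a VPN: logged, never trusted
    passed_factor: Optional[str] = None   # set by the auth service, not by chat text

def authorize_add_email(acct, sess, now=None):
    """Gate run before the support bot's 'add email' action is executed."""
    now = time.time() if now is None else now
    recent = [t for t in acct.change_times if now - t < WINDOW_S]
    if len(recent) >= MAX_CHANGES:
        return False, "rate_limited"
    if acct.enrolled_factors:
        # MFA accounts: only a factor enrolled before this session counts.
        if sess.passed_factor not in acct.enrolled_factors:
            return False, "mfa_required"
    elif sess.passed_factor != "existing_contact_otp":
        # No MFA: challenge a contact already on file, not the new address.
        return False, "challenge_required"
    acct.change_times = recent + [now]
    return True, "allowed"

if __name__ == "__main__":
    # Constructed sessions, not data from the incident.
    acct = Account(enrolled_factors=set())
    spoofed = Session(geo_near_owner=True)
    print(authorize_add_email(acct, spoofed, now=0))   # location alone is refused
    owner = Session(passed_factor="existing_contact_otp")
    print(authorize_add_email(acct, owner, now=0))     # challenge passed
    print(authorize_add_email(acct, owner, now=60))    # second change in window
```

The bot can still collect the request and explain the outcome, but it cannot set `passed_factor` itself, so persuading it changes nothing.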
For end users, the takeaway is clear: enable the strongest form of MFA available, such as passkeys or hardware security keys, which are resistant to one‑time code interception. Even basic SMS codes would have thwarted the reported exploit, as the attackers admitted the method fails against accounts with MFA enabled. As AI integration deepens across digital services, both providers and consumers must prioritize layered security controls to prevent similar AI‑facilitated hijacks from becoming commonplace.