Meta’s AI support assistant helped hackers gain access to high-profile Instagram accounts, according to social media reports. Without verification checks, Meta AI would change the email address associated with an Instagram account, allowing the password to be updated.
Meta introduced its AI support assistant in December with the aim of making it easier for customers to access 24/7 account support. It can be used to report scams, get information about content removal, and reset passwords. It is this latter option that bad actors have been able to exploit.
The Instagram vulnerability surfaced on social media over the weekend, with demonstrations of the simple steps to follow to access an account. In one demo, a hacker asks Meta’s helper bot to change the email address linked to a target Instagram account, and the AI does so without question.
Meta Support did not perform robust identity verification, and in some cases it appears to have bypassed two-factor authentication. All that was needed was a VPN connection set to a location close to the target account, which is trivial to arrange. Meta appeared to verify account ownership based on location. “Our systems recognize the device you usually use and familiar locations better than ever before,” reads Meta’s blog post about its AI support agent. In some cases, users were asked to verify their identity with a selfie, which was bypassed using AI.
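As an added illustration, not Meta's code and with the signal names and action names as assumptions, the gate below contrasts a policy that lets a support bot act on a familiar location or device with one that treats those signals only as risk hints and requires the enrolled second factor to have been passed in the current session before any recovery-contact change.

```python
from dataclasses import dataclass
from enum import Enum


class Decision(Enum):
    ALLOW = "allow"
    STEP_UP = "step_up_required"      # bot must demand the enrolled second factor
    ESCALATE = "escalate_to_human"    # bot must not act; hand off to a person


# Actions that alter how an account can be recovered (assumed action names).
# A successful change here hands over the account, so they need the strongest gate.
SENSITIVE_ACTIONS = {"change_email", "change_phone", "reset_password", "disable_2fa"}


@dataclass
class RequestContext:
    action: str
    location_matches: bool      # geolocation near the usual area; spoofable with a VPN
    device_recognized: bool     # cookie or fingerprint seen before
    two_factor_enrolled: bool
    two_factor_passed: bool     # code from the enrolled authenticator, this session


def weak_policy(ctx: RequestContext) -> Decision:
    """Models the behaviour the article describes: a familiar location or device
    is accepted as proof of ownership, so a VPN alone unlocks sensitive actions."""
    if ctx.location_matches or ctx.device_recognized:
        return Decision.ALLOW
    return Decision.STEP_UP


def hardened_policy(ctx: RequestContext) -> Decision:
    """Location and device never satisfy verification for a sensitive action;
    only a possession factor bound to this session does."""
    if ctx.action not in SENSITIVE_ACTIONS:
        return Decision.ALLOW
    if not ctx.two_factor_enrolled:
        # No second factor to check: an automated agent should not change
        # recovery contacts at all; a human reviewer handles these requests.
        return Decision.ESCALATE
    return Decision.ALLOW if ctx.two_factor_passed else Decision.STEP_UP


# Constructed request: attacker on a VPN near the victim, no second factor presented.
VPN_ONLY = RequestContext("change_email", location_matches=True,
                          device_recognized=False, two_factor_enrolled=True,
                          two_factor_passed=False)

if __name__ == "__main__":
    print("weak:", weak_policy(VPN_ONLY).value, "| hardened:", hardened_policy(VPN_ONLY).value)
```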
For a short time, the exploit was publicly available and account takeovers increased. A security researcher said Telegram channels that offer Instagram services on the black market “make a lot of money” thanks to Meta’s AI. 404 Media said the hackers had known about the exploit since March.
Meta fixed the issue over the weekend and today Meta VP of Communications Andy Stone said the issue had been resolved. Meta now “secures the affected accounts”.
News of the Instagram attack vector comes after hackers managed to take over the accounts of Sephora, Space Force Staff Sergeant Jane Manchun Wong, developer Albert Renshaw, who owned @albert, and Barack Obama’s archived White House account. Several other users with desirable Instagram handles reported that their accounts had been deleted.
Some users whose accounts were stolen over the weekend were unable to use AI to recover their accounts, and there was no option to ask a human for help.
