Meta patches Instagram AI chatbot flaw after high-profile account hijackings
The tech giant confirmed the issue is resolved, but reports suggest the exploit compromised accounts including the Obama White House handle, Sephora, and a Space Force official.

Meta has resolved a critical security vulnerability in its AI-powered Instagram support chatbot that enabled hackers to hijack user accounts. The exploit allowed malicious actors to bypass standard authentication protocols, including two-factor authentication, by social engineering the bot into linking a new email address and resetting passwords. The attack relied on using a VPN so that the attacker's apparent location matched the target's, which satisfied the chatbot's location verification.
Security researchers flagged the issue in June 2026, with details circulating on X and Telegram. The attack vector exploited a feature designed to streamline account recovery by recognising familiar devices and locations. Hackers used virtual private networks to spoof their location, convincing the AI assistant that they were accessing the account from a trusted environment.
Reports suggest high-profile accounts, including the Obama White House Instagram handle, Sephora, and a Space Force official, were compromised. The Obama White House account, which had been inactive since 2017, posted an AI-generated image claiming "the White House is under Shiites' control." Meta confirmed the hack to media outlets but did not provide details on how it was carried out or who might have been behind it.
Meta directed inquiries to VP of communications Andy Stone, who confirmed the issue was resolved and that impacted accounts were being secured. It remains unclear how many accounts were compromised before the patch was applied. Meta has not provided official details on why its AI support tool had such a significant security vulnerability.
Security researchers had reportedly been discussing the vulnerability on Telegram since March 2026. The exploit came to light over the weekend when numerous researchers shared proof-of-concept videos and screenshots on X. The incident highlights the risks associated with automated support tools that handle sensitive account recovery processes.
The timing of the exploit coincides with a wave of hacks involving high-profile accounts. While it is not confirmed whether the hacks of the Obama White House, Sephora, or the Space Force official were directly caused by this specific AI chatbot exploit, the proximity suggests a link. Meta’s AI tool was designed to make account recovery "faster and simpler," a promise that appears to have been over-delivered in this instance.
Meta has not disclosed who might be behind the hacks or the specific methods used for the high-profile accounts. The company’s response has been limited to confirming the resolution of the vulnerability and the ongoing effort to secure impacted accounts. The incident serves as a stark reminder of the potential consequences of integrating AI into security-critical systems.


