Hackers claim they used Meta's AI-powered chatbot to successfully compromise multiple high-profile Instagram accounts by directly asking the bot to change the email address associated with the target account to a new one. The claims are consistent with a series of recent social media account takeovers, including those of Barack Obama's White House, the Chief Master Sergeant of the U.S. Space Force and Sephora.
The report pointed out that this incident exposed the huge risks of over-entrusting support services or key functions to AI chatbots. Victims said that after their accounts were stolen, they had almost no way to switch to manual processing and could only deal with automated systems. Meta announced in March this year that it was rolling out AI support to all accounts on Facebook and Instagram and giving them the ability to reset passwords and perform other key account maintenance operations. The product page even said "Solutions, not just suggestions" and "Account security and recovery."
Over the past few days, security researchers and hacker groups have been circulating videos and screenshots on Telegram showing the seemingly simple process of hacking accounts. One of the videos shows the hacker talking to Meta's AI-powered bot, then asking it to bind the target account to a new email address and directly provide the target username, how to send the verification code, and the attacker's email address. The report believes that such cases illustrate that if AI is used to handle highly sensitive account operations, the consequences may be very serious once prompt word spoofing or process loopholes occur.