Hackers have tricked Meta’s own AI chatbot into providing access to some Instagram accounts after the user assistance process was recently automated.
Meta said it has now fixed the issue, which allowed people to access someone’s Instagram account simply by asking Meta’s AI chatbot to add their own email address to the account.
It comes after Meta earlier this year rolled out AI-based support for all accounts on Facebook and Instagram.
In late May, Telegram chats began discussing the breach, revealing that Meta’s AI assistant would willingly add an email address to an existing account as part of its standard password reset flow, with few safeguards.
A video posted to X appears to show one such hacker demonstrating how this worked.
The hacker clicked on account recovery for a victim’s account and was messaged by the AI chatbot.
They then asked the bot to link the victim’s account to their email address, with the bot then sending a verification code to that new email address.
After putting the code into the chat, the hacker was sent a button to reset the victim’s password.
The hacker used a VPN to trick the AI bot into thinking they were based where the account was supposed to be based, but otherwise employed few techniques beyond simply asking the AI for access.
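The design weakness in the flow described above can be modelled in a few lines. This is an added illustration, not Meta's code: it contrasts a flow that sends the verification code to the address supplied in chat with one that sends it only to a contact already on file. All function names, the account store and the addresses are hypothetical and constructed for the example.

```python
import secrets

# Constructed sample account store; names and addresses are placeholders.
ACCOUNTS = {"victim_user": {"emails": {"owner@example.com"}}}
OUTBOX = []    # (recipient, code) pairs "sent" by either flow
PENDING = {}   # (username, flow) -> (code, email to link on success)

def _send_code(username, flow, recipient, link_email):
    code = f"{secrets.randbelow(10**6):06d}"
    PENDING[(username, flow)] = (code, link_email)
    OUTBOX.append((recipient, code))

def weak_request(username, new_email):
    """Flow as reported: the code goes to the address supplied in chat,
    so it proves control of that mailbox, not of the account."""
    _send_code(username, "weak", new_email, new_email)

def hardened_request(username, new_email):
    """The code goes only to a contact already on file; the requested
    address is never used as the proof channel."""
    on_file = sorted(ACCOUNTS[username]["emails"])
    if not on_file:
        return False  # no trusted channel: hand off to manual review
    _send_code(username, "hardened", on_file[0], new_email)
    return True

def confirm(username, flow, code):
    """Link the email and allow a reset only on a matching, single-use code."""
    expected, link_email = PENDING.pop((username, flow), (None, None))
    if expected is None or not secrets.compare_digest(expected, code):
        return False
    ACCOUNTS[username]["emails"].add(link_email)
    return True

def codes_visible_to(mailbox):
    """Codes readable by someone who controls only the given mailbox."""
    return [code for rcpt, code in OUTBOX if rcpt == mailbox]
```

In the weak flow the requester can read the code because they chose where it was sent; in the hardened flow the same request produces a code only the existing account holder can see.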
High-profile accounts targeted
As 404 Media reported, revelations of the flaw coincided with the hijacking of a number of prominent accounts, including Barack Obama’s White House account, which has been dormant for nearly a decade, the Chief Master Sergeant of Space Force, and beauty brand Sephora.
It has also been reported that hackers are using the technique to obtain logins for “rare” and valuable Instagram accounts, such as those with short and sought-after usernames.
In a post on X, Meta spokesperson Andy Stone said the issue with the chatbot has now been fixed and denied that it had impacted the accounts of world leaders.
“This claim about world leaders is totally false,” Stone posted.
“This issue has been resolved, and we are securing impacted accounts.”
Former Meta security engineer Jane Manchun Wong said she herself was impacted by the hacks, and that her Instagram password was changed without her knowledge.
“Quite concerning,” Wong posted on X.
Automating user help
Earlier this year Meta announced that it would be using its Meta AI support assistant to handle a range of user concerns and assistance programs.
Its site for this assistant spruiks “reliable 24/7 help on Facebook and Instagram – fast, effective and designed to resolve account issues from start to finish”.
“When something goes wrong with your account, you shouldn’t have to hunt for answers,” it said.
“The Meta AI support assistant helps you understand what’s happening, what you can do next and can even take action for you.”
The chatbot can, without human intervention, handle account security and recovery, safety and reporting, privacy and settings, and content and appeals, and can offer “solutions, not just suggestions”, the company said.
Meta has been aggressively rolling out AI features across its platforms, and internally within the company.
Earlier last year the social media giant unveiled an app for Meta AI, which can assist, chat and engage in natural chat.