{"id":261256,"date":"2026-06-01T13:45:00","date_gmt":"2026-06-01T17:45:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/06\/01\/hackers-used-metas-ai-support-bot-to-seize-instagram-accounts-krebs-on-security\/"},"modified":"2026-06-01T14:20:11","modified_gmt":"2026-06-01T18:20:11","slug":"hackers-used-metas-ai-support-bot-to-seize-instagram-accounts-krebs-on-security","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/06\/01\/hackers-used-metas-ai-support-bot-to-seize-instagram-accounts-krebs-on-security\/","title":{"rendered":"Hackers Used Meta\u2019s AI Support Bot to Seize Instagram Accounts \u2013 Krebs on Security"},"content":{"rendered":"<p><a href=\"https:\/\/krebsonsecurity.com\/2026\/06\/hackers-used-metas-ai-support-bot-to-seize-instagram-accounts\/\">Hackers Used Meta\u2019s AI Support Bot to Seize Instagram Accounts \u2013 Krebs on Security<\/a><\/p>\n<p><a href=\"https:\/\/krebsonsecurity.com\/2026\/06\/hackers-used-metas-ai-support-bot-to-seize-instagram-accounts\/\">https:\/\/krebsonsecurity.com\/2026\/06\/hackers-used-metas-ai-support-bot-to-seize-instagram-accounts\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-06-01 13:45:00<\/a><\/p>\n<p>Source Domain: <a href=\"krebsonsecurity.com\">krebsonsecurity.com<\/a><\/p>\n<p>The <strong>Instagram<\/strong> accounts for the Obama White House and the Chief Master Sergeant of the U.S. Space Force were briefly defaced with pro-Iranian images and messages over the weekend, after instructions began circulating on Telegram showing how to trick Meta\u2019s \u201cAI support assistant\u201d bot into resetting account passwords.<\/p>\n<p id=\"caption-attachment-73755\" class=\"wp-caption-text\">A screenshot from a video released on Telegram claiming to show how Meta\u2019s AI customer support bot could be tricked into resetting a target\u2019s password.<\/p>\n<p>On May 31, word began to spread on several Telegram instant message channels that Meta\u2019s AI bot would happily add an email address to an existing account as part of the bot\u2019s standard password reset flow.<\/p>\n<p>A video released on Telegram by pro-Iran hackers claimed to document a remarkably simple exploit that appears to have involved using a VPN connection with an IP address that is in or near the target\u2019s usual hometown, requesting a password reset for the account, and then choosing to chat with Meta\u2019s AI support assistant. From there, the video shows the attacker told the bot to link the account in question to a new email address, after which the bot dutifully sent that address a one-time code that allowed a password reset.<\/p>\n<p>The Telegram account that posted the video also linked to screenshots of pro-Iran images, videos and messages that defaced the hacked Instagram accounts, saying hackers had used the exploit to hijack a number of valuable (read: short) Instagram account names that allegedly have a resale value of more than a half million dollars.<\/p>\n<p>Meta has not responded to requests for comment on the video\u2019s claims, but the company reportedly did acknowledge the dormant Instagram account for the Obama White House was briefly compromised. The security blog thecybersecguru.com reports that Meta pushed an emergency patch over the weekend, and clarified that no back end database was breached.<span id=\"more-73751\"\/><\/p>\n<p>\u201cInstagram has notoriously poor human support infrastructure,\u201d Cybersecguru&#8230;<\/p>\n<p><a href=\"https:\/\/krebsonsecurity.com\/2026\/06\/hackers-used-metas-ai-support-bot-to-seize-instagram-accounts\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Hackers Used Meta\u2019s AI Support Bot to Seize Instagram Accounts \u2013 Krebs on Security https:\/\/krebsonsecurity.com\/2026\/06\/hackers-used-metas-ai-support-bot-to-seize-instagram-accounts\/&#8230;<\/p>\n","protected":false},"author":1,"featured_media":261260,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/06\/metasupportbot.png","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,31],"class_list":["post-261256","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-exploit"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/261256"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=261256"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/261256\/revisions"}],"predecessor-version":[{"id":261262,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/261256\/revisions\/261262"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/261260"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=261256"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=261256"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=261256"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}