Several Instagram users’ accounts were hijacked when attackers tricked Meta’s AI-powered support tool into believing they were the real owners.
Many of those affected have been unable to regain access because Meta’s automated support relies on AI chatbots that loop without offering any way to reach a human agent.
The attacks, first reported on Monday, targeted rare and high-value accounts. Reported targets include an account previously used by the Obama White House team, an app belonging to researcher Jane Manchun Wong, and the accounts @hey and @korn.
Some users said that their identity had been verified through a facial scan and that they had two-factor authentication enabled, yet they still lost access.
How attackers tricked Meta’s AI support into handing over Instagram accounts
Several reports indicate that the takeover process was straightforward:
- The attacker activates the “Forgot Password” feature and claims that the account has been hacked.
- When Instagram’s AI assistant requests a selfie for verification, the attacker uploads a photo taken from the target’s public account.
- This photo is processed through an AI video generator to create the animation.
- The animated video is uploaded to Meta and accepted as valid identity verification. Once verified, the attacker changes the associated email address.
- With the email updated, they initiate a password reset and receive the security code needed to take full control of the account.
User Andre noted that “Meta’s AI accepts this because it can’t tell the difference between a real selfie and an AI-generated video of someone’s face,” adding that this method bypasses two-factor authentication.
Some reports also indicate that attackers used VPN services to make it appear as if they were connecting to the target’s general area, passing geolocation checks that would normally trigger a more secure login process.
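A service-side detection for the chain described above, as an added example that is not from the original article or from Meta: it flags accounts where an accepted video selfie, an email change and a password-reset code follow one another within an hour from a device with no login history on that account. The event types, field names and sample log are constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample events; field names and event types are hypothetical,
# not Meta's real telemetry.
EVENTS = [
    {"ts": "2025-01-06T09:00:00", "account": "alice", "type": "login", "device": "d-alice-phone"},
    {"ts": "2025-01-06T10:03:00", "account": "alice", "type": "video_selfie_accepted", "device": "d-new-1"},
    {"ts": "2025-01-06T10:05:00", "account": "alice", "type": "email_changed", "device": "d-new-1"},
    {"ts": "2025-01-06T10:06:00", "account": "alice", "type": "password_reset_code_sent", "device": "d-new-1"},
    # Legitimate recovery: same chain, but from a device with login history.
    {"ts": "2025-01-05T08:00:00", "account": "bob", "type": "login", "device": "d-bob-laptop"},
    {"ts": "2025-01-06T11:00:00", "account": "bob", "type": "video_selfie_accepted", "device": "d-bob-laptop"},
    {"ts": "2025-01-06T11:02:00", "account": "bob", "type": "email_changed", "device": "d-bob-laptop"},
    {"ts": "2025-01-06T11:03:00", "account": "bob", "type": "password_reset_code_sent", "device": "d-bob-laptop"},
    # Selfie accepted on a new device, but contact details left alone.
    {"ts": "2025-01-06T12:00:00", "account": "carol", "type": "video_selfie_accepted", "device": "d-new-2"},
]

CHAIN = ("video_selfie_accepted", "email_changed", "password_reset_code_sent")

def flag_recovery_takeovers(events, window=timedelta(hours=1)):
    """Return sorted accounts where CHAIN completed in order, within `window`,
    from a device that had never logged in to that account before."""
    flagged = set()
    known = {}     # account -> devices with a prior successful login
    progress = {}  # (account, device) -> (next index in CHAIN, chain start time)
    for ev in sorted(events, key=lambda e: e["ts"]):
        acct, dev, kind = ev["account"], ev["device"], ev["type"]
        ts = datetime.fromisoformat(ev["ts"])
        if kind == "login":
            known.setdefault(acct, set()).add(dev)
            continue
        if dev in known.get(acct, set()):
            continue  # established device: out of scope for this rule
        step, start = progress.get((acct, dev), (0, ts))
        if step and ts - start > window:
            step, start = 0, ts  # chain went stale, start over
        if kind == CHAIN[0]:
            progress[(acct, dev)] = (1, ts)
        elif step and kind == CHAIN[step]:
            if step + 1 == len(CHAIN):
                flagged.add(acct)
                progress.pop((acct, dev), None)
            else:
                progress[(acct, dev)] = (step + 1, start)
    return sorted(flagged)

if __name__ == "__main__":
    print(flag_recovery_takeovers(EVENTS))
```

The rule keys on device history rather than IP location because the reports say attackers used VPNs to pass geolocation checks.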
A common complaint is difficulty reaching a human support agent during recovery. The owner of the @Korn account said he spent six hours trying to contact support and received four broken links from Meta’s support AI.
“We’re at the point where one AI stole it, and another can’t fix it, with no humans involved,” the account owner said. Andre shared a similar experience: “You’re talking to a chatbot that has no ability to help. You can’t reach a human being. You’re just stuck.”
Why Rare Instagram Accounts Are Targeted and How Meta is Responding
Rare accounts, including single-letter usernames, have a very high black market value, often reaching thousands of dollars. Some reports say the single-letter @e and @f accounts were obtained through an active exploit, while others suggest those usernames were secured by someone with internal access. BleepingComputer noted that it could not independently verify any of the claims.
Meta has not issued any official statement. Andy Stone, the company’s vice president of communications, responded to a user on social media saying the issue has been resolved and they are securing the affected accounts.
BleepingComputer contacted Meta for comment but did not receive a response at the time of publication.
What can Instagram users do to reduce their risk?
This attack takes advantage of Meta’s verification and recovery systems rather than a vulnerability on the user’s device, which limits what individuals can do to prevent it entirely. However, users can take steps to reduce their risk and improve their chances of recovery:
- Limit the number of public-facing profile photos that clearly show your face, as attackers use these images to create verification videos.
- Keep your account recovery contact information, such as email and phone number, up to date, and protect it with a strong, unique password.
- Enable two-factor authentication, although it’s worth noting that this attack reportedly bypassed it. Nevertheless, two-factor authentication provides additional protection against more common credential-based attacks.
- Document proof of account ownership, such as your original signup email and creation date, in case manual recovery becomes necessary.
- Keep an eye out for unexpected notifications about password resets or email changes and take immediate action if you notice anything unusual.
The main vulnerability lies in Meta’s AI-powered verification process, which accepts AI-generated facial videos. Until Meta improves this aspect of its verification system, users with high-value accounts will remain at greater risk.
Meta said the specific incidents have been resolved but did not provide details about any changes made to prevent similar AI verification bypasses from happening again.





