Son Dakika
CN超級颱風巴威逼近羅塔島 關島已現強風豪雨INIndia Directs Meta to Disable Child Exploitation Ads on InstagramRUВолонтеры и жители Тувы штурмовали дом по наводке ясновидящей в поисках пропавших детейKRCoupang's US entanglement risks undermining allianceINOPEC+ Approves Modest Production Increase Amid Market ShiftsINTLFIFA Suspends Balogun's Red Card Ban, Allowing Play Against BelgiumCNChinese Researcher Wu Xinbo on US Foreign Policy and China-US RelationsBRConcursos Públicos e Seleções Simplificadas: 255 Vagas Abertas em PernambucoRUМинобороны РФ: ПВО сбили почти 4000 украинских дронов за неделюPLNiezgodności w mięsie mielonym – zaniżona zawartość tłuszczu i niedozwolone składnikiCN超級颱風巴威逼近羅塔島 關島已現強風豪雨INIndia Directs Meta to Disable Child Exploitation Ads on InstagramRUВолонтеры и жители Тувы штурмовали дом по наводке ясновидящей в поисках пропавших детейKRCoupang's US entanglement risks undermining allianceINOPEC+ Approves Modest Production Increase Amid Market ShiftsINTLFIFA Suspends Balogun's Red Card Ban, Allowing Play Against BelgiumCNChinese Researcher Wu Xinbo on US Foreign Policy and China-US RelationsBRConcursos Públicos e Seleções Simplificadas: 255 Vagas Abertas em PernambucoRUМинобороны РФ: ПВО сбили почти 4000 украинских дронов за неделюPLNiezgodności w mięsie mielonym – zaniżona zawartość tłuszczu i niedozwolone składniki
Newsgather
GeriMeta AI Chatbot Hacking Campaign Continues After Fix Claim
Meta AI Chatbot Hacking Campaign Continues After Fix Claim
Acil
TechCrunch03.06.2026Teknoloji3 dk okumaUnited States

Meta AI Chatbot Hacking Campaign Continues After Fix Claim

Hızlı Bakış

  • A hacking campaign exploiting Meta's AI chatbot to take over Instagram accounts persisted even after Meta claimed the issue was fixed.
  • Hackers used the chatbot to claim ownership of accounts, allowing them to reset passwords and gain control, with some victims reporting ongoing issues.

Yapay zekâ özeti

Neden Önemli?

Hackers exploited Meta's AI support chatbot to take over Instagram accounts by falsely claiming ownership. This allowed them to reset passwords and gain control, impacting users, including those with valuable 'OG handles.' Meta initially stated the issue was fixed, but reports indicate it continued.

Yazı boyutu

The widespread hacking campaign that relied on simply asking Meta AI’s chatbot to take over a victim’s Instagram account appears to have continued even after the company said the issue had been resolved. Meanwhile, the company has been scrambling to secure the targeted accounts and alert victims.

Over the weekend, hackers claimed to be exploiting Meta’s AI support chatbot to take over several high-profile Instagram accounts. At the same time, a large number of people complained on social media that their Instagram accounts had been hacked, some of them with unique short user profile handles.

TechCrunch has seen examples of allegedly hacked handles featuring common forenames or names of countries, which can be then re-sold almost as collectibles in a gray market for so-called “OG handles.” Other victims of the hacking spree appeared to be the dormant Obama White House account (which Meta disputed), and the account of the U.S. Space Force’s chief master sergeant John Bentivegna.

These attacks were so simple that calling them hacks may be giving the people behind them too much credit, while at the same time not putting enough blame on Meta for not preventing rudimentary attacks from hijacking people’s accounts.

Hackers simply told Meta’s AI chatbot that they were the owners of the target’s account, and asked the bot to link that person’s account to an email they controlled. The chatbot complied with the request, allowing the hacker to reset the target account’s password and take control of the account — in some cases locking out the victims. At no point were Meta employees or contractors involved in the chat.

On Monday, Meta spokesperson Andy Stone said that “the issue that did happen has already been fixed.”

On Tuesday, however, more Instagram users claimed to have had their accounts hacked.

At the same time, TechCrunch has seen discussions among members of a Telegram channel where the hacking technique had been publicized, who claimed to still be able to exploit Meta’s AI chatbot, and they were advertising apparently hacked handles for sale, including at the time of TechCrunch’s writing. (It’s important to note that it’s hard to know for sure if all these accounts were hacked due to the same technique.)

In a later post on X, Stone said: “Some people may receive password reset notifications and some may be asked security questions when they try and log into their accounts.”

Stone told TechCrunch in an email that Meta secured affected accounts on Monday, then began sending password reset emails. When asked by TechCrunch, Stone would not say how many users were hacked.

Several people have reported that Meta has begun notifying users that they were being targeted.

Victims publicly reported receiving emails from Instagram warning them that the company had “detected some suspicious activity that suggests your Instagram may have been compromised.” The message also said that the company took measures to secure the account, and asked the user to reset their password.

As 404 Media noted, Meta announced in March that it was implementing AI to automate its support to users, saying the AI-powered chatbot was “designed to resolve account issues from start to finish,” and would have the ability to “reset your password securely.” That suggests the chatbot can perform actions that may have previously required a human in the loop, given how critical they were.

For years, there has been a flourishing market where hackers stole and then sold “OG” usernames, referring to the usernames and handles taken by the earliest users of Instagram. In the past, however, taking over those accounts required more complex strategies, such as phishing the victim, taking over their phone number, or bribing insiders at telecom providers.

Here, the hackers just asked, and Meta’s chatbot dutifully complied.

Bundan Sonra Ne Olabilir?

Yapay zekâ öngörüsü — kesinlik taşımaz

  • Meta will likely implement stricter verification protocols for AI-driven account recovery processes.

    Çok muhtemel · Haftalar içinde

  • Further investigation into the security vulnerabilities of Meta's AI systems is probable.

    Muhtemel · Aylar içinde

  • Increased user awareness and demand for more robust account security measures from social media platforms.

    Muhtemel · Aylar içinde

Açık Sorular

  • How many users were ultimately affected by the hacking campaign?
  • What specific technical flaw allowed the AI chatbot to be exploited?
  • Will Meta face regulatory action or fines due to this security lapse?
  • What measures are being taken to prevent similar exploits in the future?

İlgili Konular

Bu haber ilk olarak şurada yayınlandı: TechCrunch.

İlgili Haberler

Bu konuda daha fazlaMeta