Instagram has patched a critical vulnerability that allowed attackers to seize control of user accounts by exploiting Meta's own AI-powered support chatbot. The attack, which emerged over the weekend and was detailed in a video posted on X, relied entirely on tricking the Meta AI Support Assistant into granting account access—no phishing emails, no malware, just conversational manipulation.

How the Attack Worked

The technique was disturbingly simple yet effective. According to security researcher Jane Wong, who fell victim to the hack herself, attackers used a VPN to spoof their location and avoid triggering Instagram's automated defenses. They then opened a chat with Meta AI Support Assistant and requested that a new email address be added to the target's account. The chatbot obligingly sent a verification code to the email address the attacker had provided—and when the hacker fed that code back into the conversation, the system displayed a 'Reset Password' button. One password change later, full account access was theirs.

High-Profile Targets Included

The campaign appears to have targeted several notable accounts. Compromised handles included the Obama-era White House Instagram account (which has been inactive since 2017) and the personal account of U.S. Space Force Chief Master Sergeant John Bentivegna. Wong described her own experience as particularly unsettling: 'The password got changed without my knowledge and I was getting different password reset attempts throughout yesterday,' she wrote on social media. TechCrunch independently verified that the attacker's public email mailbox successfully received verification codes during testing, confirming the technique's viability.

The Critical Flaw

What makes this attack so concerning is its elegant exploitation of a fundamental weakness: attackers never needed to compromise the legitimate email address already linked to victim accounts. By convincing Meta AI Support Assistant to add a new email under their control, hackers could intercept verification codes and trigger password resets—all while the real account owner remained unaware until it was too late.
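
The flaw described above can be reduced to a small model. This is an added example, not Meta's code and not part of the original article. The class and function names are hypothetical, and the hardened policy (challenge an address already on the account) is one possible mitigation, assumed here because the article does not say how the issue was fixed.

```python
from __future__ import annotations
import hmac
import secrets
from dataclasses import dataclass, field


@dataclass
class Account:
    handle: str
    verified_emails: set[str]  # addresses already proven to belong to the owner
    pending: dict[str, tuple[str, str]] = field(default_factory=dict)  # ticket -> (code, new_email)


class SupportFlow:
    """Hypothetical support tool that links a new email to an account."""

    def __init__(self, require_existing_channel: bool):
        self.require_existing_channel = require_existing_channel
        self.outbox: list[tuple[str, str]] = []  # (recipient, code): stands in for sent mail

    def request_add_email(self, account: Account, new_email: str) -> str:
        code = f"{secrets.randbelow(10**6):06d}"
        if self.require_existing_channel:
            # Hardened: the challenge goes only to addresses already on the account,
            # so answering it proves control of the account, not of the new address.
            recipients = sorted(account.verified_emails)
        else:
            # Weak: the challenge goes to the address the requester just supplied.
            recipients = [new_email]
        self.outbox.extend((rcpt, code) for rcpt in recipients)
        ticket = secrets.token_hex(8)
        account.pending[ticket] = (code, new_email)
        return ticket

    def confirm(self, account: Account, ticket: str, code: str) -> bool:
        code_and_email = account.pending.pop(ticket, None)  # single use
        if code_and_email is None or not hmac.compare_digest(code_and_email[0], code):
            return False
        account.verified_emails.add(code_and_email[1])
        return True


def requester_can_link(flow: SupportFlow, account: Account, requester_email: str) -> bool:
    """True if a requester who can read only `requester_email` gets it linked."""
    ticket = flow.request_add_email(account, requester_email)
    seen = [code for rcpt, code in flow.outbox if rcpt == requester_email]
    return bool(seen) and flow.confirm(account, ticket, seen[-1])
```

In the weak configuration the code only proves that the requester can read the mailbox they named; in the hardened one the same request stalls until someone with access to an existing verified address answers the challenge.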

Instagram Responds

Instagram spokesperson Andy Stone confirmed on Monday that the vulnerability had been resolved. However, it's still unclear exactly how many users were affected by the campaign or how long the flaw existed before being discovered. Meta did not respond to TechCrunch's requests for additional comment on the timeline or scope of the breach.

Key Takeaways

  • Attackers exploited Meta AI Support Assistant through conversational social engineering—no technical hacking required
  • VPN usage helped bypass Instagram's automated account protection systems during the attack
  • Verification codes sent to attacker-controlled emails enabled password resets without compromising the original account email
  • High-profile targets suggest this may have been a targeted campaign rather than mass exploitation

The Bottom Line

This isn't just another data breach—it's a glimpse at how AI-powered support systems can become attack vectors when designed without adversarial scenarios in mind. Meta's chatbot essentially served as an automated accomplice, and that should terrify anyone trusting tech giants with their digital identities.