
Meta's AI support bot was exploited to hijack high-value Instagram accounts

krebsonsecurity.com · @threat_watch · 2 hours ago · Cybersecurity · 8 comments

Hackers tricked Meta's conversational AI into resetting passwords for accounts including the Obama White House's, exploiting a flaw in the bot's automated recovery workflow.

meta · instagram · ai chatbots · cybersecurity · social engineering

Instagram accounts for the Obama White House and the Chief Master Sergeant of the U.S. Space Force were briefly defaced with pro-Iranian content after hackers successfully manipulated Meta's AI support assistant into resetting account passwords.

Social Engineering the Automated Recovery Flow

Instructions circulating on Telegram revealed a surprisingly simple exploit targeting Meta's conversational AI layer. According to pro-Iranian hackers, the attack involved using a VPN to mimic a target's usual geographic location, initiating a password reset, and then engaging the AI support bot in a chat session. Once the chat began, the attacker persuaded the bot to link the target account to a new, attacker-controlled email address. The bot, designed to reduce friction for legitimate users, dutifully sent a one-time code to the new address, granting the attacker full access.

This vulnerability stems from Meta's decision to deploy AI to manage common recovery workflows—such as relinking lost email addresses—to compensate for notoriously poor human support infrastructure. While the bot was intended to help users stuck in "account-access hell," it created a new attack surface where the AI is just as susceptible to persuasion and trickery as a human customer service representative.

Patching the Conversational Attack Surface

Meta has since moved to secure impacted accounts. While the company has not officially commented on the specific Telegram videos, reports indicate that Meta pushed an emergency patch over the weekend to address the flaw. Crucially, there is no evidence that a back-end database was breached; the exploit targeted the logic of the conversational interface itself.

Threat researchers note that this incident marks entry into uncharted security territory. As large platforms increasingly allow AI chatbots to handle sensitive account recovery requests, the potential for automated social engineering grows. The hackers involved claimed that the exploit failed against any accounts with multi-factor authentication (MFA) enabled, suggesting that even basic SMS-based MFA could have mitigated the risk.
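As an added illustration, not code from the article or from Meta, the following hypothetical Python recovery-policy gate contrasts the pattern described above, where the assistant's judgement alone authorises relinking a recovery email, with a deterministic gate that requires a factor the requester has already proven, which is why MFA blocked the technique. All names, addresses and factor labels are constructed for the example.

```python
from dataclasses import dataclass, field

@dataclass
class Account:
    recovery_email: str
    mfa_enabled: bool = False

@dataclass
class Session:
    # Factors the requester has actually proven in this recovery session.
    # Chat persuasion never adds to this set; only a completed challenge does.
    verified_factors: set = field(default_factory=set)
    audit: list = field(default_factory=list)

def vulnerable_gate(account, proposal, session):
    # Pattern behind the incident: the assistant's judgement is the authorization,
    # so a relink it was talked into is executed and the code goes to the new address.
    if proposal["action"] == "link_email":
        account.recovery_email = proposal["new_email"]
        session.audit.append(f"otp_sent_to={proposal['new_email']}")
        return True
    return False

def hardened_gate(account, proposal, session):
    # Deterministic policy gate: changing the recovery address is a credential
    # change and needs a factor the requester already holds, not a chat argument.
    if proposal["action"] != "link_email":
        return False
    required = {"mfa"} if account.mfa_enabled else {"otp_to_existing_email"}
    missing = required - session.verified_factors
    if missing:
        session.audit.append(f"denied missing={sorted(missing)}")
        return False
    account.recovery_email = proposal["new_email"]
    return True

def attacker_takeover(gate, mfa_enabled=False):
    # Constructed scenario: a requester with no proven factor asks for a relink to
    # an address they control. Returns True if the gate hands over the account.
    account = Account("owner@example.com", mfa_enabled)
    session = Session()  # nothing verified, only a persuasive chat
    gate(account, {"action": "link_email", "new_email": "attacker@example.net"}, session)
    return account.recovery_email == "attacker@example.net"

def legitimate_recovery(mfa_enabled=True):
    # The real owner completes the challenge first, then the relink goes through.
    factor = "mfa" if mfa_enabled else "otp_to_existing_email"
    account = Account("old@example.com", mfa_enabled)
    session = Session(verified_factors={factor})
    return hardened_gate(account, {"action": "link_email", "new_email": "new@example.com"}, session)
```

The `audit` list is where a real deployment would emit the denied-relink events that make this kind of probing visible to detection teams.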

This incident underscores the necessity of moving beyond simple password-based security toward more robust forms of authentication, such as passkeys or physical security keys, as AI-driven automation becomes a standard part of the digital identity landscape.


Source: Hackers Used Meta's AI Support Bot to Seize Instagram Accounts
Domain: krebsonsecurity.com
