Instagram users locked out after Meta AI hacked accounts

Many Instagram users had their accounts hijacked after attackers convinced Meta's AI-powered support tools that they were the rightful owners.
In many cases, affected users are unable to regain access because the automated help desk consists only of AI chatbot loops, with no human support agents to escalate to.
On Monday, many owners of rare and high-value accounts suddenly reported losing access to their accounts, even though their identities had been verified by facial scanning and they had enabled safeguards such as two-factor authentication (2FA).

Among the affected accounts are those previously used by the Obama White House team, belonging to the application researcher Jane Manchun Wong, @hey, and @korn.
The owner of the @korn account, who noted that the band has never officially claimed the handle and uses a different one, expressed frustration with Meta's recovery process, which has left them in a time-consuming mess.
“I spent 6 hours trying to get human support, and Meta AI support gave me 4 broken links in a row,” explained a user identified as Kornel.
“We’re at a point where one AI has stolen it, and another can fix it, with no humans around,” said the owner of the @korn account.
According to some journalists, the attack itself was trivial: it involved chatting with Meta's AI assistant, "verifying" that the attacker is the legitimate account owner, and tricking the assistant into changing the email address associated with the account.
The takeover begins with the threat actor starting the "forgot password" flow and claiming the account was hacked. When Instagram's AI-powered help asks the user to verify their identity with a selfie, the attacker takes a photo from the target's own account, runs it through an AI video generator to animate it, and uploads the result to Meta for verification.
User André says “Meta’s AI is just accepting because it can’t distinguish between a real selfie and an AI-generated video of a human face.” They also added that the takeover method bypasses 2FA protections.
“Then you try to recover your account, and you talk to a chatbot that has no power to help you. You can’t go up to a person. You’re just stuck. Your property is gone, and there’s no one to call,” said André.
Some reports claim that attackers used VPN services to appear to be connecting from the target's usual location, in order to pass geolocation checks that might otherwise trigger additional verification steps.

Source: @thecomfeed
Once the email address has been changed, the attacker can initiate a password reset and receive the security code needed to take over the account.
Some reports online claim that the single-letter Instagram accounts @e and @f were taken over through this active exploit. Others dispute this, saying that such usernames are protected by insider rights. BleepingComputer could not independently verify either claim.
Because one-character social media accounts are so rare, they have a high value on the black market, often in the tens of thousands of US dollars.
Although Meta has not published an official statement on the situation, the company's vice president of communications, Andy Stone, responded to affected users on social media, saying "the problem has been resolved, and we are recovering the affected accounts."
BleepingComputer contacted Meta with a request for comment, but we have not heard back as of publication.
