GoKawiilHackers managed to trick Meta’s AI-powered support bot into allowing them to take over a number of Instagram accounts, including some high-profile ones. This included accounts belonging to the White House, US Space Force, and security researcher Jane Wong.
On a more positive note, the social network is experimenting with a way of blocking teenage users from repeated exposure to content likely to impact their mental health …
Hackers tricked Meta AI chatbot
In one of those “you can’t make it up” moments, hackers managed to fool Meta’s AI support chatbot into allowing them to conduct password resets on other people’s Instagram accounts. The attack method was childishly simple.
They began a password reset process
When asked to choose a method, they selected Meta AI Support Assistant
They asked the chatbot to add a new email address to the account
It did so without question, despite them not being logged-in to that account
The chatbot sent a code to the new email address
They used that code to change the password
... continue reading