Pro-Iranian hackers tricked Meta's AI support bot into handing over high-profile Instagram accounts
Pro-Iranian hackers spent the last weekend of May seizing high-profile Instagram accounts by tricking Meta's AI support assistant into resetting their passwords, Brian Krebs reported.
At a glance
- On May 31, instructions spread on Telegram showing how to trick Meta's AI support assistant into linking a new email address to a target Instagram account during password reset
- The bot sent a one-time code to the attacker-supplied email, enabling full account takeover when combined with a VPN IP near the victim's hometown
- Instagram accounts of the dormant Obama White House, Sephora and a senior US Space Force official were defaced with pro-Iranian imagery over the weekend
- Meta pushed an emergency patch and Andy Stone said the issue was resolved and impacted accounts were being secured
- The attack failed against accounts with multifactor authentication enabled, including SMS-based MFA
VERDICT — CONFIRMED
Pro-Iranian hackers spent the last weekend of May seizing high-profile Instagram accounts by tricking Meta's AI support assistant into resetting their passwords, Brian Krebs reported. On May 31, word spread across several Telegram channels that Meta's AI bot would happily add a new email address to an existing account as part of its standard password-reset flow. A video circulated by the attackers showed the technique: connect through a VPN with an IP address in or near the target's usual hometown, request a password reset, then chat with Meta's AI support assistant and ask it to link the account to a new email address — to which the bot dutifully sent a one-time code enabling a full takeover.
Instagram accounts belonging to the dormant Obama White House, beauty retailer Sephora and a senior U.S. Space Force official were briefly defaced with pro-Iranian images and messages before Meta pushed an emergency patch over the weekend. Meta spokesman Andy Stone said the issue had been resolved and that impacted accounts were being secured.
Krebs noted the attack failed against accounts with multifactor authentication enabled, including those protected only by SMS codes.
Why it matters
a widely abused jailbreak of a platform's customer-facing AI agent shows agentic support tools becoming a standalone attack surface — one that bypassed Meta's account-recovery safeguards with the simplicity of a self-serve exploit.
Key facts on file
- On May 31, instructions spread on Telegram showing how to trick Meta's AI support assistant into linking a new email address to a target Instagram account during password reset
- The bot sent a one-time code to the attacker-supplied email, enabling full account takeover when combined with a VPN IP near the victim's hometown
- Instagram accounts of the dormant Obama White House, Sephora and a senior US Space Force official were defaced with pro-Iranian imagery over the weekend
- Meta pushed an emergency patch and Andy Stone said the issue was resolved and impacted accounts were being secured
- The attack failed against accounts with multifactor authentication enabled, including SMS-based MFA


