New, by me: A number of high-profile and/or valuable Instagram accounts, including those of the Obama White House and the Chief Master Sergeant for the U.S.
-
New, by me: A number of high-profile and/or valuable Instagram accounts, including those of the Obama White House and the Chief Master Sergeant for the U.S. Space Force, got hacked and defaced with pro-Iran messaging in the past 24h after people figured out that Meta's AI support assistant could be tricked into resetting account passwords.
From the story:
"A video released on Telegram by pro-Iran hackers claimed to document a remarkably simple exploit that appears to have involved using a VPN connection with an IP address that is in or near the target's usual hometown, requesting a password reset for the account, and then choosing to chat with Meta's AI support assistant. From there, the video shows the attacker told the bot to link the account in question to a new email address, after which the bot dutifully sent that address a one-time code that allowed a password reset."
https://krebsonsecurity.com/2026/06/hackers-used-metas-ai-support-bot-to-seize-instagram-accounts/
@briankrebs It is April 1st, is it?
-
New, by me: A number of high-profile and/or valuable Instagram accounts, including those of the Obama White House and the Chief Master Sergeant for the U.S. Space Force, got hacked and defaced with pro-Iran messaging in the past 24h after people figured out that Meta's AI support assistant could be tricked into resetting account passwords.
From the story:
"A video released on Telegram by pro-Iran hackers claimed to document a remarkably simple exploit that appears to have involved using a VPN connection with an IP address that is in or near the target's usual hometown, requesting a password reset for the account, and then choosing to chat with Meta's AI support assistant. From there, the video shows the attacker told the bot to link the account in question to a new email address, after which the bot dutifully sent that address a one-time code that allowed a password reset."
https://krebsonsecurity.com/2026/06/hackers-used-metas-ai-support-bot-to-seize-instagram-accounts/
@briankrebs File under: "Live by the sword, die by the sword."
-
New, by me: A number of high-profile and/or valuable Instagram accounts, including those of the Obama White House and the Chief Master Sergeant for the U.S. Space Force, got hacked and defaced with pro-Iran messaging in the past 24h after people figured out that Meta's AI support assistant could be tricked into resetting account passwords.
From the story:
"A video released on Telegram by pro-Iran hackers claimed to document a remarkably simple exploit that appears to have involved using a VPN connection with an IP address that is in or near the target's usual hometown, requesting a password reset for the account, and then choosing to chat with Meta's AI support assistant. From there, the video shows the attacker told the bot to link the account in question to a new email address, after which the bot dutifully sent that address a one-time code that allowed a password reset."
https://krebsonsecurity.com/2026/06/hackers-used-metas-ai-support-bot-to-seize-instagram-accounts/
@briankrebs Okay thats it. This is beyond stupid. I'm in disbelief on how a company, even Meta, can do something so incredibly stupid.
-
@briankrebs on it
-
New, by me: A number of high-profile and/or valuable Instagram accounts, including those of the Obama White House and the Chief Master Sergeant for the U.S. Space Force, got hacked and defaced with pro-Iran messaging in the past 24h after people figured out that Meta's AI support assistant could be tricked into resetting account passwords.
From the story:
"A video released on Telegram by pro-Iran hackers claimed to document a remarkably simple exploit that appears to have involved using a VPN connection with an IP address that is in or near the target's usual hometown, requesting a password reset for the account, and then choosing to chat with Meta's AI support assistant. From there, the video shows the attacker told the bot to link the account in question to a new email address, after which the bot dutifully sent that address a one-time code that allowed a password reset."
https://krebsonsecurity.com/2026/06/hackers-used-metas-ai-support-bot-to-seize-instagram-accounts/
@briankrebs At what point does Altman shout “The Aristocrats!” and disappear forever?
-
New, by me: A number of high-profile and/or valuable Instagram accounts, including those of the Obama White House and the Chief Master Sergeant for the U.S. Space Force, got hacked and defaced with pro-Iran messaging in the past 24h after people figured out that Meta's AI support assistant could be tricked into resetting account passwords.
From the story:
"A video released on Telegram by pro-Iran hackers claimed to document a remarkably simple exploit that appears to have involved using a VPN connection with an IP address that is in or near the target's usual hometown, requesting a password reset for the account, and then choosing to chat with Meta's AI support assistant. From there, the video shows the attacker told the bot to link the account in question to a new email address, after which the bot dutifully sent that address a one-time code that allowed a password reset."
https://krebsonsecurity.com/2026/06/hackers-used-metas-ai-support-bot-to-seize-instagram-accounts/
@briankrebs Does the Obama White House still have an Instagram account? It's been a few years...
-
New, by me: A number of high-profile and/or valuable Instagram accounts, including those of the Obama White House and the Chief Master Sergeant for the U.S. Space Force, got hacked and defaced with pro-Iran messaging in the past 24h after people figured out that Meta's AI support assistant could be tricked into resetting account passwords.
From the story:
"A video released on Telegram by pro-Iran hackers claimed to document a remarkably simple exploit that appears to have involved using a VPN connection with an IP address that is in or near the target's usual hometown, requesting a password reset for the account, and then choosing to chat with Meta's AI support assistant. From there, the video shows the attacker told the bot to link the account in question to a new email address, after which the bot dutifully sent that address a one-time code that allowed a password reset."
https://krebsonsecurity.com/2026/06/hackers-used-metas-ai-support-bot-to-seize-instagram-accounts/
I feel like we have stepped back 30 years in infosec.
-
New, by me: A number of high-profile and/or valuable Instagram accounts, including those of the Obama White House and the Chief Master Sergeant for the U.S. Space Force, got hacked and defaced with pro-Iran messaging in the past 24h after people figured out that Meta's AI support assistant could be tricked into resetting account passwords.
From the story:
"A video released on Telegram by pro-Iran hackers claimed to document a remarkably simple exploit that appears to have involved using a VPN connection with an IP address that is in or near the target's usual hometown, requesting a password reset for the account, and then choosing to chat with Meta's AI support assistant. From there, the video shows the attacker told the bot to link the account in question to a new email address, after which the bot dutifully sent that address a one-time code that allowed a password reset."
https://krebsonsecurity.com/2026/06/hackers-used-metas-ai-support-bot-to-seize-instagram-accounts/
@briankrebs This is beyond Stupid
-
New, by me: A number of high-profile and/or valuable Instagram accounts, including those of the Obama White House and the Chief Master Sergeant for the U.S. Space Force, got hacked and defaced with pro-Iran messaging in the past 24h after people figured out that Meta's AI support assistant could be tricked into resetting account passwords.
From the story:
"A video released on Telegram by pro-Iran hackers claimed to document a remarkably simple exploit that appears to have involved using a VPN connection with an IP address that is in or near the target's usual hometown, requesting a password reset for the account, and then choosing to chat with Meta's AI support assistant. From there, the video shows the attacker told the bot to link the account in question to a new email address, after which the bot dutifully sent that address a one-time code that allowed a password reset."
https://krebsonsecurity.com/2026/06/hackers-used-metas-ai-support-bot-to-seize-instagram-accounts/
@briankrebs Hmm, the "VPN" aspect of this makes me think this isn't entirely an "AI" (note quotes) related story, except in the sense that "Agentic AI" is 95% just workflows offloaded into MCP scripts. On the third hand, a lot of *those* are vibe coded garbage and so the circle is complete.
-
New, by me: A number of high-profile and/or valuable Instagram accounts, including those of the Obama White House and the Chief Master Sergeant for the U.S. Space Force, got hacked and defaced with pro-Iran messaging in the past 24h after people figured out that Meta's AI support assistant could be tricked into resetting account passwords.
From the story:
"A video released on Telegram by pro-Iran hackers claimed to document a remarkably simple exploit that appears to have involved using a VPN connection with an IP address that is in or near the target's usual hometown, requesting a password reset for the account, and then choosing to chat with Meta's AI support assistant. From there, the video shows the attacker told the bot to link the account in question to a new email address, after which the bot dutifully sent that address a one-time code that allowed a password reset."
https://krebsonsecurity.com/2026/06/hackers-used-metas-ai-support-bot-to-seize-instagram-accounts/
@briankrebs So this is the oh-so high praised AI....🤯
-
New, by me: A number of high-profile and/or valuable Instagram accounts, including those of the Obama White House and the Chief Master Sergeant for the U.S. Space Force, got hacked and defaced with pro-Iran messaging in the past 24h after people figured out that Meta's AI support assistant could be tricked into resetting account passwords.
From the story:
"A video released on Telegram by pro-Iran hackers claimed to document a remarkably simple exploit that appears to have involved using a VPN connection with an IP address that is in or near the target's usual hometown, requesting a password reset for the account, and then choosing to chat with Meta's AI support assistant. From there, the video shows the attacker told the bot to link the account in question to a new email address, after which the bot dutifully sent that address a one-time code that allowed a password reset."
https://krebsonsecurity.com/2026/06/hackers-used-metas-ai-support-bot-to-seize-instagram-accounts/
-
@briankrebs Does the Obama White House still have an Instagram account? It's been a few years...
@martinlentink probably an archive account. Targetting the Obama era account for such a message is especially stupid given Obama's focus on negotiating a deal with Iran for years. @briankrebs
-
P pelle@veganism.social shared this topic
