Meta’s AI allowed to steal user accounts using only the name
02.06.26
A vulnerability in the artificial intelligence Meta AI allowed attackers to take full control of someone else’s Instagram accounts without authorization, even if they had previously activated two-factor authentication. According to specialized publications, among the confirmed victims was the official archive account of the White House during the presidency of Barack Obama.
The identified security breach in Meta AI allowed third parties to intercept control of other people’s pages. The error was inside the functionality of the intelligent chatbot, which is intended for automated administration. According to security researchers and the Neowin profile publication, the bug has been actively used for several months.
Security bypass scheme
Implementation of the attack did not require complex tools or technical knowledge. The hacking process through AI was built as follows:
- The attacker ran a geo-located VPN in the same country or region where the owner of the target Instagram profile is physically located.
- The hacker then sent a message to the Meta AI chatbot asking it to link a new email address to the desired account by simply providing a valid username.
- After receiving this command, the AI assistant Meta AI automatically generated and sent a direct password reset link to the attacker’s email, completely bypassing the additional owner verification step.
Hacking the White House and expert profiles
Using this critical bug, unknown attackers managed to take control of the official account of the White House during the presidency of Barack Obama. New posts on this page have not appeared since the day of the first inauguration of Donald Trump (January 20, 2017). However, after an unauthorized entry, the burglars placed a picture on it with the inscription: “The White House is under Shiites’ control”. Other notable victims include reverse engineering specialist and popular mobile services researcher Jane Manchun Wong (@wongmjane).
Features of the Meta AI system and causes of vulnerability
The developers at Meta are initially positioning the AI assistant as a centralized tool that works 24/7 in the Facebook and Instagram apps. The tool can independently perform various administrative actions directly within the social network ecosystem at the request of users. In the US and Canada, the company has opened similar technical support options even for unauthorized accounts. An additional problem was that the feature was tested in a limited mode (A/B testing), so users in the test group did not have the tools to disable it themselves.
Currently, Meta specialists have eliminated the dangerous flaw without making loud public statements. It is reported that the exploit has been successfully used for a long time. The number of potentially affected profiles can number in the thousands. Evidence of the scale of the problem was numerous complaints from ordinary users who regularly received unexpected system requests to forcibly change the set password, which they did not request.
Don't miss interesting news
Subscribe to our channels and read announcements of high-tech news, tes
Oppo A6 Pro smartphone review: ambitious
Creating new mid-range smartphones is no easy task. Manufacturers have to balance performance, camera capabilities, displays, and the overall cost impact of each component. How the new Oppo A6 Pro balances these factors is discussed in our review.
Sony WF-1000XM6 Bluetooth headphones review: full power
The new Sony WF-1000XM6 headphones have slightly changed their shape compared to their predecessor, received a new processor, an improved noise cancellation system, more microphones, and generally made a noticeable step forward technically.
AMD Zen 6: A powerful breakthrough in server computing and AI
AMD has officially confirmed the imminent announcement of the new Zen 6 architecture. The first representatives of the line will be EPYC server processors codenamed Venice.
ASUS ROG Raikiri II Pro: advanced gamepad with LED screen and SpeedNova technology
ROG Raikiri II Pro is a flagship controller with an innovative LED display, a polling frequency of 8000 Hz and a modular design of sticks.


