Hackers were able to exploit Meta's AI support chatbot to take over and resell valuable Instagram accounts, according to reports. The exploit involved using a VPN to mask their location and asking the chatbot to change the email associated with the account, allowing them to reset passwords and gain control. The breach was described as a straightforward prompt injection attack, and videos showing the 'shockingly easy' method have been shared in Telegram groups. The compromise of high-profile accounts, including the Barack Obama White House account and the Chief Master Sergeant of Space Force’s account, highlighted the severity of the issue. These accounts were used to post pro-Iranian content while they were temporarily compromised. The exploit was active in the wild for months, with hackers compromising thousands of accounts, according to Neowin. However, the breach gained more public attention recently, with prominent researchers like Jane Manchun Wong also reporting their accounts were hacked. On May 31, ZachXBT, a pseudonymous open source intelligence researcher, posted on X about how the Meta AI support system had 'lots of access perms' that allowed password resets without 2FA. The CyberSec Guru described the exploit as a classic 'confused deputy' problem, where a program with elevated permissions is tricked into misusing those permissions. In this case, the 'deputy' was a large language model with a probabilistic response model. The breach also underscored the risks of deploying AI agents with elevated permissions that can modify critical data. Users with multifactor authentication (MFA) were unaffected, as the exploit failed against accounts with MFA enabled, including those using SMS-based one-time codes. *Source: [arstechnica](https://arstechnica.com/ai/2026/06/meta-ai-support-chatbot-gave-hackers-access-to-notable-instagram-accounts/)*