Meta AI support system exploited to hijack 20,000 Instagram accounts
Attackers weaponized Meta's automated customer service AI to reset passwords and seize control of user accounts in a novel social engineering attack.
Meta has disclosed that more than 20,000 Instagram accounts were compromised after attackers exploited the company's AI-powered support infrastructure to bypass authentication controls. The incident represents a new vector in account takeover attacks: adversaries manipulated automated customer service systems to trigger password resets without legitimate user authorization.
The attackers appear to have identified weaknesses in how Meta's AI support tools validate identity and process account recovery requests. By crafting requests that satisfied the AI's decision logic, they circumvented safeguards designed to prevent unauthorized access. The compromise underscores a structural risk in deploying large language models for sensitive operations without adequate human oversight or secondary verification.
Meta has not disclosed the timeline of the breach, the geographic distribution of affected accounts, or whether the hijacked accounts were used for subsequent fraud or influence operations. The company stated it has implemented additional controls but did not specify their nature. No evidence suggests the attackers accessed Meta's internal systems; the exploit relied entirely on manipulating customer-facing automation.
- 01Enterprises using AI for authentication or account recovery face elevated social engineering risk
- 02Instagram users with compromised accounts may experience fraud, impersonation, or data exfiltration
- 03Regulatory scrutiny of AI deployment in sensitive workflows likely to intensify
- 04Security teams must audit AI-driven processes for exploitable decision logic
Ransomware attack executed entirely by AI agent, researchers report
JadePuffer operation marks what may be the first documented case of a fully autonomous LLM-driven ransomware deployment from reconnaissance to encryption.
Agentic AI Executes Multi-Stage Ransomware Attack via Langflow
Demonstration shows large language model agents autonomously combining exploitation techniques with real-time reasoning to conduct complex intrusions without human intervention.
FortiBleed Attackers Monetize Firewall Access Through Ransomware Partnerships
Actors who compromised thousands of Fortinet devices are now collaborating with Inc and Lynx ransomware groups, adding Nextcloud exploitation to their toolkit.