Over the weekend, hackers successfully hijacked high-profile Instagram accounts using a surprisingly simple trick. They exploited the Meta AI support assistant. Consequently, the affected accounts displayed pro-Iranian images and messages.
Attackers targeted major government and military accounts. Victims included the Obama White House and the Chief Master Sergeant of the U.S. Space Force. Furthermore, hackers seized valuable, short Instagram account names. These specific handles reportedly hold resale values exceeding half a million dollars.
The Meta AI Bot Exploit Mechanism
On May 31, instructions for the hack surfaced on Telegram channels. Pro-Iran hackers published a video detailing the exploit. First, the attacker established a VPN connection. They matched their IP address to the target’s usual hometown. Next, they initiated a standard password reset request.
Then, the attacker engaged the Meta AI support assistant. They instructed the bot to link the compromised account to a new email address. A screenshot circulating online clearly documents this interaction. In the image, the user asks the bot to link the address “fosttn@gmail.com”. The AI bot obediently complies. It immediately sends an 8-digit verification code to the new address. Ultimately, this allowed the attacker to complete the password reset and lock out the original owner.
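The control this flow lacked, shown as an added defensive sketch in Python that is not Meta's code: a contact-change request made through the assistant sends its 8-digit challenge to contacts the owner already controls, and a newly linked address cannot receive reset codes until a cooling-off window has passed. All names (`request_email_link`, `confirm_email_link`, `reset_recipients`), the 72-hour window and the sample addresses are assumptions made for illustration.

```python
import hmac
import secrets
from dataclasses import dataclass, field

COOLING_OFF = 72 * 3600  # assumed policy window in seconds, not a Meta value


@dataclass
class Account:
    contacts: dict  # address -> epoch time the address was verified
    pending: dict = field(default_factory=dict)  # new address -> challenge code


def request_email_link(acct, new_email, outbox):
    """Only contact-change tool the assistant can call (hypothetical name).
    The challenge goes to contacts the owner already controls, never new_email."""
    code = f"{secrets.randbelow(10**8):08d}"
    acct.pending[new_email] = code
    for addr in acct.contacts:
        outbox.append((addr, code))


def confirm_email_link(acct, new_email, code, now):
    """Link new_email only when the caller presents the challenge code.
    pop() makes the challenge single-use, so a wrong guess burns it."""
    expected = acct.pending.pop(new_email, None)
    if expected is None or not hmac.compare_digest(expected, code):
        return False
    acct.contacts[new_email] = now
    return True


def reset_recipients(acct, now):
    """Reset codes go only to contacts verified before the cooling-off window."""
    return [a for a, t in acct.contacts.items() if now - t >= COOLING_OFF]


def demo():
    now = 1_700_000_000  # constructed timestamp
    acct = Account(contacts={"owner@example.com": now - 10 * COOLING_OFF})
    outbox = []  # constructed stand-in for the mail sender
    request_email_link(acct, "new@example.net", outbox)
    blocked = not confirm_email_link(acct, "new@example.net", "no-code", now)
    return blocked, [addr for addr, _ in outbox], reset_recipients(acct, now)


if __name__ == "__main__":
    print(demo())
```

Because the assistant only ever holds the `request_email_link` tool, persuading it in conversation cannot move the challenge to an address the requester supplies.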
Meta’s Response & Security Warnings
Meta originally deployed this AI layer to improve its notoriously poor human support infrastructure. However, the implementation clearly backfired. Fortunately, Meta pushed an emergency patch over the weekend.
Andy Stone from Meta confirmed on X that the company resolved the issue. He also stated that Meta is currently securing the impacted accounts. Additionally, sources clarified that no backend database breach occurred.
This issue has been resolved and we are securing impacted accounts.
— Andy Stone (@andymstone) June 1, 2026
Meanwhile, experts warn about this expanding threat landscape. Ian Goldin, a threat researcher at Lumen’s Black Lotus Labs, highlighted the inherent danger. He stated that AI bots are as vulnerable to social engineering and trickery as human customer support employees. The bots remain overly eager to help.
However, users can easily protect themselves. The hackers admitted on Telegram that their exploit failed entirely against accounts utilizing multi-factor authentication (MFA). Therefore, even Instagram’s least robust SMS-based MFA effectively blocks the attack.
