Meta's AI Support Feature Lets Anyone Hijack Instagram Accounts — Exploit Details Inside

Meta's AI support feature for Instagram—currently A/B tested on a subset of accounts—contains a critical vulnerability that lets anyone hijack an account with minimal effort. According to the report, the exploit has been in active use in blackhat circles for several days and has already been used to compromise over 100 high-value accounts.
How the Exploit Works
According to a Hacker News post by user parable, the attack requires only three steps:
- Connect via a proxy or VPN close to the target account's region.
- Ask the AI support agent to send a verification code to an arbitrary email address you control.
- Receive the code, forward it to the agent, and the agent provides a password reset link that you can use to sign into the account.
This defeats the email-based ownership check entirely. A verification code is only meaningful if it is delivered to the address already on file for the account; here the agent sends it wherever the requester asks, so the attacker proves control of nothing but their own mailbox. Because the agent also issues the reset link itself, no step of the flow ever touches the real owner.
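To make the failure concrete, here is an added example (not Meta's code and not from the Hacker News post) that models the agent-facing recovery tool both ways: a version whose tool call lets the caller pick the destination address, as the report describes, and a hardened version with no destination parameter at all, which mails only the address on file, binds the code to the account, expires it, limits attempts, requires the enrolled second factor, and notifies the owner. It goes slightly beyond the page by adding those general recovery-flow controls. The account directory, addresses, secret and token format are all constructed for the example.

```python
"""Added illustration, not Meta's or the HN poster's code: why letting a support
agent choose where a verification code is delivered breaks the ownership proof,
and what the tool looks like with the proof restored. All data is constructed."""
import hashlib
import hmac
import secrets
import time
from dataclasses import dataclass, field

# Constructed sample directory of accounts; nothing here is real data.
ACCOUNTS = {
    "victim": {"email": "owner@example.com", "second_factor": "owner-otp"},
}


def issue_reset_token(username: str) -> str:
    """Stand-in for whatever the real password reset link carries (assumed format)."""
    return f"reset:{username}:{secrets.token_urlsafe(16)}"


@dataclass
class Mailbox:
    """Fake mail transport: a message is readable only by the holder of its address."""
    delivered: dict = field(default_factory=dict)

    def send(self, to: str, body: str) -> None:
        self.delivered.setdefault(to, []).append(body)

    def read(self, address: str) -> list:
        return list(self.delivered.get(address, []))


class VulnerableRecoveryTool:
    """Tool shaped like the reported flaw: the caller may pick the destination address."""

    def __init__(self, mail: Mailbox):
        self.mail, self.pending = mail, {}

    def send_code(self, username: str, destination_email=None) -> None:
        code = f"{secrets.randbelow(10**6):06d}"
        self.pending[username] = code
        # An attacker-chosen address proves nothing about who owns the account.
        self.mail.send(destination_email or ACCOUNTS[username]["email"], code)

    def redeem(self, username: str, code: str, second_factor=None):
        if self.pending.get(username) == code:  # no 2FA, no expiry, no attempt limit
            return issue_reset_token(username)
        return None


class HardenedRecoveryTool:
    """Same tool with the ownership proof restored."""
    CODE_TTL = 300        # seconds a code stays valid (assumed value)
    MAX_ATTEMPTS = 5      # redemption attempts before the code is discarded

    def __init__(self, mail: Mailbox, server_key: bytes):
        self.mail, self.key, self.pending = mail, server_key, {}

    def _tag(self, username: str, code: str) -> bytes:
        # Store an HMAC bound to the account, so one user's code cannot redeem another's.
        return hmac.new(self.key, f"{username}:{code}".encode(), hashlib.sha256).digest()

    def send_code(self, username: str) -> None:
        # Deliberately no destination parameter: the agent cannot be talked into choosing one.
        code = f"{secrets.randbelow(10**6):06d}"
        self.pending[username] = {"tag": self._tag(username, code),
                                  "expires": time.time() + self.CODE_TTL, "attempts": 0}
        self.mail.send(ACCOUNTS[username]["email"], code)   # address on file only

    def redeem(self, username: str, code: str, second_factor=None):
        entry = self.pending.get(username)
        if entry is None or time.time() > entry["expires"] or entry["attempts"] >= self.MAX_ATTEMPTS:
            self.pending.pop(username, None)
            return None
        entry["attempts"] += 1
        if not hmac.compare_digest(entry["tag"], self._tag(username, code)):
            return None
        # Email proof alone is not enough when a second factor is enrolled.
        expected = ACCOUNTS[username].get("second_factor")
        if expected is not None and (second_factor is None or
                                     not hmac.compare_digest(expected, second_factor)):
            return None
        del self.pending[username]
        self.mail.send(ACCOUNTS[username]["email"], "Your password was reset.")  # notify owner
        return issue_reset_token(username)


def attacker_flow(tool, mail: Mailbox, target: str, attacker_addr: str):
    """The three-step attack: request the code at an attacker address, read it, redeem it."""
    try:
        tool.send_code(target, destination_email=attacker_addr)
    except TypeError:            # hardened tool has no such parameter;
        tool.send_code(target)   # the code goes to the address on file instead
    codes = mail.read(attacker_addr)
    return tool.redeem(target, codes[-1]) if codes else None


def owner_flow(tool, mail: Mailbox, username: str, second_factor=None):
    """Legitimate recovery: the owner reads the code from their own inbox."""
    tool.send_code(username)
    code = mail.read(ACCOUNTS[username]["email"])[-1]
    return tool.redeem(username, code, second_factor)
```

Run `attacker_flow` against both tools with the same attacker address: against the vulnerable tool it returns a reset token, against the hardened tool it returns `None` and the attacker's mailbox stays empty, while `owner_flow` still succeeds once the second factor is supplied. The design point is that the fix is not a better prompt for the agent but a tool schema that never exposes a destination address to it.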
Impact and Context
The exploit has been circulating on Telegram and is trivial to execute. Victims report that their sessions were revoked and passwords changed with no email, text, or push notification. Even accounts with two-factor authentication (2FA) enabled may be vulnerable—some reports suggest 2FA can be bypassed as well. Users affected by the exploit also hit rate limiting on password reset emails, making it harder to recover accounts through normal channels.
This is not Meta's first security oversight. In February, a separate exploit allowed anyone to view the email address and phone number on file for any Instagram account. That bug was never officially acknowledged by Meta.
Recommended Mitigation
The immediate fix is for Meta to disable the AI support feature entirely until the verification flow is corrected, and to revert hijacked accounts and usernames to their owners. As of the time of the Hacker News post, the flaw remained unpatched.
📖 Read the full source: HN AI Agents
👀 See Also

OpenClaw's 'Allow Always' Feature Security Flaws and Safer Alternatives
OpenClaw's 'allow always' approval feature has been the subject of two CVEs this month, allowing unauthorized command execution through wrapper command binding and shell line-continuation bypasses. The deeper issue is how the feature trains users to stop paying attention to security prompts.

Malware Found in OpenClaw Community Skills — Crypto Theft Alert

jqwik v1.10.0 Sneaks Prompt Injection That Deletes Code When Used by AI Agents
Johannes Link added a hidden instruction to jqwik v1.10.0 that tells AI coding agents to delete all jqwik tests and code, concealed with ANSI escapes. Claude correctly flags it, but human users may not be so lucky.

Google Reports AI-Powered Hacking Reached Industrial Scale in 3 Months
Google's threat intelligence group found criminal and state groups are using commercial AI models (Gemini, Claude, OpenAI) to refine and scale attacks. A group nearly leveraged a zero-day for mass exploitation, and others are experimenting with the unguarded OpenClaw agent.