Meta AI Manipulated: Hackers Hijack Instagram Accounts
Le brief IA que les pros lisent chaque soir
Les 7 actus IA du jour, décryptées en 5 min. Gratuit.
Inclus dès l'inscription : notre sélection des meilleurs guides & comparatifs IA.
Choisis ton rythme
Gratuit · Pas de spam · Désabonnement en 1 clic
A Vulnerability Exploited in Meta AI
Hackers have recently highlighted a vulnerability in Meta AI, Meta's support chatbot, allowing them to hijack Instagram accounts. These attacks, which rely on simple manipulations, have enabled the circumvention of AI safeguards and the takeover of accounts, including those of public figures.
According to the American site Media 404, this flaw was exploited to manipulate Meta's assistance chatbot, revealing the fragility of automated systems when faced with well-crafted requests. Meta has acknowledged the existence of this vulnerability and has taken steps to address the issue.
An Exploit Sharing Network
Journalists from 404 Media discovered an active network on Telegram, where hackers share techniques for manipulating chatbots. These groups disseminate screenshots of conversations, tutorial videos, and lists of vulnerable Instagram accounts.
Meta AI, used on Facebook and Instagram, is designed to automate customer support, including sensitive operations like password resets. However, this automation has created a loophole, allowing hackers to bypass security checks.
A Simplified Attack Method
The attack process is surprisingly simple. Hackers use a VPN to simulate a connection from the target's region, then initiate a password reset procedure. By engaging in a conversation with the chatbot, they request a change to the email address associated with the account. If the request is accepted, a validation code is sent to the address controlled by the attacker, allowing them to finalize the account takeover.
This method demonstrates how easily AI models can be manipulated to perform unauthorized actions, especially when connected to critical systems.
Compromised Accounts of Public Figures
Several Instagram accounts of public figures, including that of Barack Obama and a senior official from the Space Force, have been compromised. Although a direct link to this vulnerability has not been confirmed, the coincidence raises questions.
Reports, such as that from researcher Jane Manchun Wong, detail similar attempts at compromise. Meanwhile, informal markets on Telegram are trading or selling popular accounts, sometimes in connection with this vulnerability.
Meta has confirmed that it has patched the flaw and secured the affected accounts, but this incident underscores the need to strengthen security measures around AI systems.
Brief IA — L'actualité IA en français
L'essentiel de l'actualité de l'intelligence artificielle, décrypté et expliqué chaque jour.