Brief IA

Meta AI Manipulated: Hackers Hijack Instagram Accounts

🤖 Models & LLM·Tom Levy·

Meta AI Manipulated: Hackers Hijack Instagram Accounts

Meta AI Manipulated: Hackers Hijack Instagram Accounts
Key Takeaways
1Hackers exploited a vulnerability in Meta AI to hijack Instagram accounts by bypassing its safeguards.
2The attacks primarily targeted celebrity accounts, revealing the vulnerability of AI models to well-crafted manipulations.
3Meta acknowledged the flaw and claims to have fixed the vulnerabilities to secure the affected accounts.
💡Why it mattersThe security of celebrity accounts on Instagram is jeopardized by flaws in AI systems, necessitating enhanced protective measures.
Le brief IA que lisent les pros

Le brief IA que les pros lisent chaque soir

Les 7 actus IA du jour, décryptées en 5 min. Gratuit.

Inclus dès l'inscription : notre sélection des meilleurs guides & comparatifs IA.

Choisis ton rythme

Gratuit · Pas de spam · Désabonnement en 1 clic

📄
Full Analysis

A Vulnerability Exploited in Meta AI

Hackers have recently highlighted a vulnerability in Meta AI, Meta's support chatbot, allowing them to hijack Instagram accounts. These attacks, which rely on simple manipulations, have enabled the circumvention of AI safeguards and the takeover of accounts, including those of public figures.

According to the American site Media 404, this flaw was exploited to manipulate Meta's assistance chatbot, revealing the fragility of automated systems when faced with well-crafted requests. Meta has acknowledged the existence of this vulnerability and has taken steps to address the issue.

An Exploit Sharing Network

Journalists from 404 Media discovered an active network on Telegram, where hackers share techniques for manipulating chatbots. These groups disseminate screenshots of conversations, tutorial videos, and lists of vulnerable Instagram accounts.

Meta AI, used on Facebook and Instagram, is designed to automate customer support, including sensitive operations like password resets. However, this automation has created a loophole, allowing hackers to bypass security checks.

A Simplified Attack Method

The attack process is surprisingly simple. Hackers use a VPN to simulate a connection from the target's region, then initiate a password reset procedure. By engaging in a conversation with the chatbot, they request a change to the email address associated with the account. If the request is accepted, a validation code is sent to the address controlled by the attacker, allowing them to finalize the account takeover.

This method demonstrates how easily AI models can be manipulated to perform unauthorized actions, especially when connected to critical systems.

Compromised Accounts of Public Figures

Several Instagram accounts of public figures, including that of Barack Obama and a senior official from the Space Force, have been compromised. Although a direct link to this vulnerability has not been confirmed, the coincidence raises questions.

Reports, such as that from researcher Jane Manchun Wong, detail similar attempts at compromise. Meanwhile, informal markets on Telegram are trading or selling popular accounts, sometimes in connection with this vulnerability.

Meta has confirmed that it has patched the flaw and secured the affected accounts, but this incident underscores the need to strengthen security measures around AI systems.

Brief IA — L'actualité IA en français

L'essentiel de l'actualité de l'intelligence artificielle, décrypté et expliqué chaque jour.