Meta's AI support chatbot was exploited to hijack Instagram accounts, including the @obamawhitehouse account; Meta says the issue has been patched.

Hackers used Meta's AI-powered support assistant—rolled out in March—to take over high-value Instagram accounts by requesting email changes and password resets. The @obamawhitehouse account was among those hijacked and used to post Iranian propaganda. Accounts belonging to the US Space Force Chief Master Sergeant and beauty retailer Sephora were also targeted, according to 404 Media.

The attack worked by asking the chatbot to link a new email address (controlled by the hacker) to a target account, then using a verification code sent by the AI assistant to reset the password. Some hackers used a virtual private network (VPN) to spoof their location, making it appear they were in the same area as their target.

Meta says the issue has been resolved and it is securing impacted accounts. Security researcher Jane Manchun Wong reported her own account was taken over, with her password changed without knowledge and multiple logout attempts on the Instagram iOS app.