Your mom was right: Asking nicely is the best way to get what you want—even if what you want is to hack famous people’s Instagram accounts. That’s apparently how hackers got Meta’s AI customer support to aid them in taking over high-profile handles.
It’s unclear how many accounts were impacted, but victims appear to include the Obama White House account, the US Space Force’s chief master sergeant, and a former Meta employee turned security researcher.
It was surprisingly easy to dupe Meta’s chatbot, as purported hackers’ social media posts show. According to 404 Media:
- First, the hackers used a VPN to make themselves appear in the geographic area of the targeted account’s owner (thus bypassing automatic account protections).
- Next, they asked the Meta AI Support Assistant to add a new email address to the account, prompting the bot to send a code.
- Armed with the code, the hacker could request a password reset, which the bot then sent to the new email, thereby handing over control of the account.
But the bot won’t be rolling out the welcome mat for hackers any more. Yesterday, a Meta spokesperson said that the issue “has been resolved and we are securing impacted accounts.”
Zoom out: The bot’s blunder highlights the risks of the increasingly popular practice of handing over important business functions to AI agents.—AR
Click Here For The Original Source.
