Hackers trick Meta AI into handing over Instagram accounts – including Barack Obama’s

Meta has embraced AI in recent years (Picture: Getty/AP)

Hackers were able to hijack and sell Instagram accounts by tricking the social media platform’s AI chatbot,Meta told Metro.

Meta AI is a digital assistant integrated into Instagram as well as other Meta-owned platforms,like Facebook and WhatsApp.

But rather than use it to write captions or generate images,hackers have found a way to trick it into changing other people’s passwords.

Among the first to document the vulnerability were cybercrime trackers ZachXBT,Dark Web Informer and impulsive.

Meta has now confirmed to Metro that the vulnerability has been patched.

🚨 LIVE: Instagram hack is going on and guys are hacking accounts currently on live.

AI at Meta sucks lol. Look at Whats happening pic.twitter.com/zSqvXDa1JY

— Bahram Sahbani (@bahrambiz) May 31,2026

But cybersecurity experts estimate that around 100 high-value accounts were looted,with some being flogged on black market services.

Even Barack Obama’s dormant White House Instagram account was infiltrated,TMZ reported on Sunday.

Attackers posted,among other things,an image captioned: ‘White House is under Shiites (control)’,referring to Shia Muslims,members (known as Shiites) of the second-largest denomination of Islam.

Meta confirmed the breach and said the account,which has 2.4 million followers,has since been restored. 

The workaround involved using a specifically worded prompt (Picture: Telegram/Conetic Larp/Instagram)

The Chief Master Sergeant of the US Space Force,John Bentivegna,also had his account looted.

His account was flooded with anti-American and pro-Iranian messages on Sunday,according to military social media and Reddit pages. 

Bentivegna said that he is ‘working with the appropriate teams to regain access’ to his account.

‘It’s kind of like someone breaking into your house’

Impacted accounts are mainly those with short usernames,which are known in underground circles for their resale value. They include @hey,@eggs and @f,according to the Instagram handle tracker Chidori Monitor.

Among them is Dubai-based Hamza,who told Metro that his Instagram account,@zv,was swindled at 8am local time yesterday.

Meta told him that his profile,which he’s had for about four years,does not comply with their cybersecurity policies.

‘I just think Meta is relying too much on AI,’ Hamza says,adding that he spent hours going through the company’s automated support system.

My Instagram account (@zv) was compromised and disabled overnight despite being Meta Verified,identity verified,and having no history of policy violations.

I’ve spent hours trying to get support,only to be sent in circles through automated systems and broken help resources… pic.twitter.com/aaCmcTFkBL

— Hmz (@hmz_ib) June 1,2026

‘When the hacker changed my email,AI responded with,“We cannot change the email without confirming it’s you,” after Meta patched it,so they’d send a code to the hacker’s email.

‘It’s kind of like someone breaking into your house and the government tells you to get out,it isn’t yours anymore.

‘It’s f***ed bro,I don’t know what to even say,I’m speechless.’

X user Korn says hackers also made off with his Instagram account,@korn,which he’s had for several years,on Monday. He posted college admission tips and it was his sole source of income.

‘The account was completely verified,had a facial scan done,MFA/2FA on,and had zero [terms of service] violations,’ Korn tells Metro.

‘I received no notice on my phone number or email,meaning that the exploit bypassed 2FA.’

What Korn now sees when trying to access his account (Picture: Instagram)

Meta says that its support digital assistant can help users ‘take action’ rather than be pointed to help webpages. It can help reset passwords,set up two-factor authentication and regain access to accounts.

But for Korn,the social media giant’s reliance on AI at a time when the tech can still be easily manipulated is concerning.

‘Personally,Meta has offered 0 support. Not one comment,DM,or reply,’ he adds.

Korn even bought a $49 a month Meta verified plan on another account after the hack to try to reach customer support. But in a video Korn showed Metro,clicking the help brings up an error page.

The error screen Korn sees when trying to reach customer support,a feature of Meta’s premium subscription plan (Picture: Instagram)

‘I have been completely unable to reach a human in the loop,’ he adds.

How did the hack work?

According to a viral video by the Telegram account Concetic Larp,the play involves using a virtual private network (VPN),which allows you to browse the web from another country by linking your computer to a server.

By setting their VPN to the victim’s region,the hackers can attempt to log in to the victim’s Instagram account and click ‘Forgot password’.

Usually,a user would need to do two-factor authentication – additional security alongside a password – such as clicking a link sent to their phone number or email.

But hackers could instead click the ‘Get support’ option to access Meta’s AI-powered account recovery tool and give it a prompt – an instruction for an AI – asking it to link the account to a new email address.

The digital assistant would then allegedly send the hacker a verification code to their own email,rather than the user’s,allowing them to take over.

Meta AI leads to hack of Barack Obama Instagram here is the video how it was hacked due to ai model foolishness pic.twitter.com/o0RQ0KzCBm

— Chetaslua (@chetaslua) June 1,2026

Some of the compromised accounts have been removed,scrubbed clean,suspended,or had their handles changed.

The method doesn’t poke a hole in Meta’s systems,but rather an exploit called a ‘confused deputy’ – fooling a system with elevated permissions into acting for someone it shouldn’t trust.

Meta AI hack is a ‘serious security risk’

Meta AI has special access to account management systems,which is not unusual for a customer support tool,Marijus Briedis,chief technology officer at NordVPN,told Metro.

‘So here lies the fundamental flaw in the switch to AI chatbots,’ she says.

‘If an attacker can persuade an automated system to help them bypass normal recovery steps,then the AI becomes part of the attack chain rather than a defence.

‘Account recovery is one of the most sensitive parts of any platform. It should never rely on convenience alone,because the person asking for access may not be the rightful owner.’

When said owner is a former US president,Briedis says it shows that the AI chatbot is a ‘serious security risk’.

Meta communication director Andy Stone told Metro: ‘This issue has been resolved and we are securing impacted accounts.’

He added,in response to an X user who said the workaround has not been patched,that compromised accounts have been ‘secured’.

‘Some people may receive password reset notifications and some may be asked security questions when they try and log into their accounts.’

Thank you for raising this. While we have already secured impacted accounts,we are now working to restore access to affected individuals. Some people may receive password reset notifications and some may be asked security questions when they try and log into their accounts.

— Andy Stone (@andymstone) June 2,2026

Get in touch with our news team by emailing us at .

For more stories like this,check our news page.