Prompt injection lets attackers hijack Instagram accounts via Meta AI support (www.neowin.net)

A significant security flaw has been discovered in Meta's AI support assistant on Instagram, allowing hackers to hijack user accounts, even those with two-factor authentication (2FA) enabled. The method involves the attacker posing as the account owner and requesting a password reset via a manipulated message sent to the AI assistant. Reports indicate this exploit has been active since February, leading to the compromise of thousands of accounts, including a dormant account from the Obama White House, which was used to post misleading content. This incident underscores the vulnerabilities associated with AI-driven customer support systems, which Meta has been rapidly integrating across its platforms. The AI assistant is designed to deliver personalized, direct assistance but seems to have been easily misled by prompt injections, raising concerns about the safety of user data and trust in AI solutions. As Meta continues to push generative AI into user interactions and streamline support through automated systems, the incident highlights the urgent need for rigorous security protocols and the potential dangers of AI reliance in customer service contexts.