Security 101 when changing the email of an account for any reason: email the old account and let it know the change happened.

The weird thing is I know the Instagram security team, and they are top notch. I have a feeling this was vibe coded by someone outside of security and security wasn't looped in.

The scary bit is that this sounds less like a clever exploit and more like abusing an overly-trusted internal workflow. AI support just makes that workflow easier to poke at scale. Do you think this would have been possible with human support too, just slower?

Imagine dragging in a random person from the street and making them work on account recovery without training them first. That seems to be what happened here, the process was simply left to model's judgement, and the model only sees a text stream, even less than a random person from the street who is at least going to be vaguely aware of their position. It could be a roleplay for what the model cares.

The agent should have had proper instructions to check the identity of a complete stranger. Yes it's still possible to jailbreak the model, and it's probably still easier than deceiving a trained human employee in a social engineering attack. But it doesn't mean there shouldn't be a proper process of identity verification on account recovery at Meta.

Here is a video showing it being done.

(https://xcancel.com/DarkWebInformer/status/20612535997583155...)

So every time my ISP changes my IP, facebook pitches a fit, makes me solve a dozen captchas and authenticate on an existing login session, but in the meantime Meta' sother website doesn't even require using the registration email for a password reset?

Passkeys are not going to fix this. The only thing that will fix this is some kind of notarization backed identity that people can go to as a recourse.

The EU Should force them to do this.

> All the Telegram groups have quieted down as Meta seems to have patched it already, but it appears this particular method was active for weeks, if not months.

Is that for real? I find it hard to believe that an exploit THIS simple and easy to abuse managed to stay live for weeks or months.

This is an embarrassing failure for Instagram. But SIM cards have been hacked the same (by tricking support, claiming the phone was lost or stolen), except the agent was human.

The solution (which also solved SIM support agents being bribed or hacking known acquaintances) was to prevent the agents from resetting the SIM card without some steps the original owner would have to follow (and could follow even if they've lost their original phone), like a PIN they'd have to remember. I think the same solution should be applied to AI agents.

Fun fact: I once got a security bounty because they sent the 2FA emails through click (some email monitoring SAAS thing) with "view in web" enabled, and it was set up so that the emails under a given template used an auto incrementing ID, so you just had to request a 2FA email and then access it through click's web UI.

Deleted my Instagram account. This should be a bigger international story, but most people outside HN won’t hear about it and won’t understand why this is such a big deal