The newest Instagram “exploit” is the goofiest I've seen
3 hours ago
- #Cybersecurity
- #Instagram Hack
- #Social Media
- Instagram accounts, including high-profile ones like the Obama White House, were hacked using a simple, low-effort method.
- Attackers used VPNs to mimic the account owner's location, then convinced Meta's AI support to send verification codes to their email, bypassing security checks.
- The hack allowed full account takeover without verifying the email, bypassing 2FA, and revoking existing sessions with no notifications to the real owner.
- Black market Telegram groups offered takeover services, exploiting valuable short-handle accounts for profit or propaganda.
- Meta has since patched the vulnerability, but the flaw exposed significant security gaps in a major company's support systems.