"The newest Instagram "exploit" is the goofiest I’ve seen" – OSnews
Yesterday, a slew of Instagram accounts, including some high profile ones like the Obama White House account, seemingly got hacked.<br>Look, I’m no spring chicken. I’ve spent almost a decade and a half identifying vulnerabilities and exploits at unicorn scale, but this is hands down the most unserious, "almost too stupid to be true" of them all.
↫ Sid at 0xsid.com<br>…it’s "AI" isn’t it?<br>All the attacker needs to kick this off is your account username. Then, they hop on a VPN or proxy close to your city so Instagram’s security algorithms don’t suspect a thing. (You can quite easily get this from your public profile or "About" section or a hundred other ways.) Once it looks like the request is coming from the correct region, they tell the Meta support AI that the account is hacked and ask it to send the verification codes to an arbitrary email address they control.
↫ Sid at 0xsid.com<br>It’s "AI".<br>Yes, all that you need to do to gain control over big, massively popular Instagram accounts is ask Facebook’s "AI" to send the verification codes to whatever email address you desire. That’s it. There’s no other steps, no other checks, no other verification. And the worst part is that this isn’t even a hack; this is "AI" working entirely as intended.<br>And these tools are now coding the Linux kernel, LLVM, systemd, PulseAudio, rsync, your browser, and so much more. What could possibly go wrong?
About The Author
Thom Holwerda
3 Comments
2026-06-02 11:17 am
kurkosdr To be fair, this is a case of "AI" being helpful, just to the wrong people.
2026-06-02 12:23 pm
Drizzt321 I wouldn’t be "fair" about this. This is the most stupid design/setup ever. It should NOT be able to even do this, however hard you try. This is plain and simple an absolutely terrible implementation. Some marketer/product designer overrode or never asked for any kind of implementation/security review, and just YOLOed it and pushed it.<br>LLMs are pretty good at NLP interactions, but if you give it the keys to the kingdom, it’ll easily screw up. It should only have been able to say "send it to an email that was before any changes since the user claims it was hacked". That’s not so hard, is it? Apparently it is….
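One way to enforce the constraint described in the comment above (a recovery code goes only to an address that was on file before any recent changes), as an added example that is not Meta's code and not part of the original thread. The record shape, the 30-day window, the tool-call format and all function names are assumptions made for this sketch.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

LOOKBACK = timedelta(days=30)  # assumed window a takeover could have touched

@dataclass(frozen=True)
class Contact:  # hypothetical record shape
    email: str
    verified: bool
    added_at: datetime

def eligible_emails(contacts, now, lookback=LOOKBACK):
    """Verified addresses already on file before the lookback window."""
    cutoff = now - lookback
    return [c.email for c in contacts if c.verified and c.added_at <= cutoff]

def mask(email):
    local, _, domain = email.partition("@")
    return f"{local[:1]}***@{domain}"

def send_recovery_code(contacts, now, deliver):
    """The only recovery action the assistant can trigger. No destination
    parameter exists, so chat text cannot choose where the code goes."""
    targets = eligible_emails(contacts, now)
    if not targets:
        return {"status": "escalate_to_human", "sent_to": []}
    for email in targets:
        deliver(email)
    return {"status": "sent", "sent_to": [mask(e) for e in targets]}

def handle_tool_call(call, contacts, now, deliver):
    """Treat the model's tool call as untrusted input: unknown tools and any
    argument (such as an email address) are refused, not silently ignored."""
    if call.get("name") != "send_recovery_code" or call.get("args"):
        return {"status": "rejected", "sent_to": []}
    return send_recovery_code(contacts, now, deliver)

# Constructed sample data.
NOW = datetime(2026, 6, 2, 12, 0)
CONTACTS = [
    Contact("owner@example.org", True, datetime(2021, 3, 1)),
    Contact("added-last-week@example.net", True, NOW - timedelta(days=5)),
    Contact("never-confirmed@example.org", False, datetime(2020, 1, 1)),
]

if __name__ == "__main__":
    outbox = []
    print(handle_tool_call({"name": "send_recovery_code", "args": {}}, CONTACTS, NOW, outbox.append))
    print(outbox)
```

The address added five days before the request is excluded even though it is verified, which covers the case where the account really was compromised and the intruder added their own contact; an account with no eligible address is handed to a human instead of falling back to whatever the chat supplies.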
2026-06-02 1:19 pm
LeFantome Replace "AI" in Thom’s rant with "computers" and you probably reproduce a lot of the water-cooler talk in the 70’s and 80’s. Can you believe that they are going to let computers handle our money? The world is going to hell in a hand-basket.<br>I am not into the AI hype but I am not into the AI anti-hype either. My thinking has changed quite a lot on this and where I land right now is basically "computers do what you tell them to do, not what you want, and certainly not always what you need". AI does not fundamentally change that.<br>We used to tell computers exactly what to do with machine language (assembly language). We do not do that anymore. Mostly we express the "semantics" of what we want in higher level programming languages. These go through compilers and interpreters to generate machine language. My old thinking was that compilers were deterministic and AI was not. Except neither of those things is as true as I thought. They are closer than I used to think. LLMs are much fancier of course but a bigger difference is that we give compilers much more detailed "prompts" about what we want (better semantics).<br>In both cases though, if they are not doing what we want, it is probably because they are doing what we told them to do. It is almost certainly that in this case.<br>If you have ever written a compiler, you know that the machine code it creates may implement different algorithms than the code you wrote. Entire variables, loops, and even functions can disappear. Loops may be rewritten. You get vector math and parallel processing where you did not ask for it. Even things like basic math can be converted to shifting binary bits instead. And what is kind of crazy is that, these days, it happens again at the assembly language level inside the silicon itself. Those instructions are further converted into micro-ops (microcode) which is what the microprocessor actually executes. 
And those micro-ops can be executed out of order, executed in parallel, or skipped completely. It is layers and layers of abstraction.<br>A programming language like Python lowers the bar in terms of the knowledge you need to make a computer do things compared to having to write programs in machine language. An application created in a high-level language lowers the bar even further to make computers accessible even to people that cannot Python. But this means that the "users" can make even bigger and less well-informed mistakes. AI takes it further in that it makes even more capability available to even less technical users. They are now...