Tobia AlbertiJun 1
evacide

Meta Hackers Simply Asked Meta AI to Give Them Access to High-Profile Instagram. It Worked.

Now is a good time to remember that Meta has announced that it is laying off 10% of its workforce, including 2,000 people just today, while going in on a "AI will replace workers" strategy.

https://www.404media.co/hackers-simply-asked-meta-ai-to-give-them-access-to-high-profile-instagram-accounts-it-worked/

Hackers Simply Asked Meta AI to Give Them Access to High-Profile Instagram Accounts. It Worked

The exploit shows the extreme risk of offloading technical support to AI.

404 Media
Jun 1 at 5:27pmWeb
Show threadAurelJun 1
@evacide maybe i finally can have my account back!!
Support never answered 😅🤣
(And reset pwd never worked)
Show threadJohn WqJun 1
@evacide so great that we've made computers susceptible to social engineering attacks now.
Show threadNetzblockiererJun 2

@wq @evacide it's hard to feel pity for folks disregarding 30+ years of ITsec "Common Sense" who install literal malware on their systems and give it admin privilegues.

  • Seriously, WTF is wrong with Tech-Illiterates these days?
    • And yes, anyone who uses AIslop garbage in such a setup is criminally incompetent and should not only get fired, but sued for damages, alongside everyone who allowed, incentivized and rewarded that behaviour!

#Malware #ITsec #AIslop #TechIlliterates

Show threadNumber6 Jun 1

@evacide

You have to admit, that's excellent service!

Show threadVeronica Olsen 🏳️‍🌈Jun 1
@evacide Artificial Incompetence at its best!
Show threadPhilip GuentherJun 1
@evacide So they *successfully* replaced _all_ functions of the workers, including that of providing social engineering vectors.
Show threadDаn̈ıel Раršlow 🥧Jun 1

@evacide

Mark Zuckerberg's classic quote about pretty much this:

"They 'trust' me. Dumb fucks."

Show threadBill, organizer of stuffJun 1

@evacide At least the fix is simple: they're going to add this to the config:

"Please, please, pretty please do not change the email on any accounts that it shouldn't be changed on, like if they're famous or Mark or something, please! I'm begging you!"

Show threadebrowserJun 1
@evacide The AI thing is just a marketing stunt, Meta knows that better than anyone. They will layoff 10% of their workforce, so the remaining employees will pick up the slack not the AI of course
Show threadJeff McNeillJun 1
@evacide if done to a human we call that"social engineering" so if done to an LLM, is that "meta engineering"?
Show threadDaniel DemmelJun 1
@evacide looking at that video it's also so slow and janky, what a joke
Show threadAnneliesJun 1
@evacide does it really count as hacking if all you have to do is ask the AI?
Edit: I mean, if you leave the door open it's not breaking and entering, right?
Show threadMy camera shoots fascistsJun 1

@evacide

2001 re-envisioned as "2026: A Cyberspace Odyssey"

"HAL, give me the passwords for famous people's Instagram accounts."

"Certainly, Dave. I'm happy to help! Is there anything else I can do for you?"

This is all so painfully dumb.

Show threadJeroen van BergenJun 1
@evacide It is not fair to dunk on Meta. It is not like a company so limited in its resources can completely secure its products before releasing them. /s
Show threadBryTheDonut 🍩 Jun 1
@evacide Honestly I’m not even remotely surprised.
Show threadRaymond RussellJun 1

@evacide

I wonder if this is part of the Chatbots wanting to please sycophancy that seem to be evident in LLM's.

Show threadLiv PinkJun 1
@evacide A very effective distraction from the fact they just don't make any money 😸✌️
Show threadJackMexJun 1

@evacide

Can we call it Artificial Stupidity now?

Show threadRRBJun 1
@evacide And people have the nerve to say that the user is always the weakest point.
Show threadJordanJun 1
@evacide I think we're *almost* at the point where peoples' disillusions of what AI is, and what it *actually* is, are laid out for all to see.
Show threadKnut 🏳️‍🌈 🇳🇴🧸Jun 1
@evacide I use Gemini for reference. Great for drilling down documentation. And sometimes a very simple usage example. Sometimes it doesn’t want to do that. It will give me way more than I asked for. Look at it and go…..seriously? It WILL try and pull a fast one when it can.
Show threadLust Babii 💋Jun 1
Show threadDrew 🇵🇭Jun 1
@evacide
As someone with no meta accounts and therefore no skin in the game, I find this positively delicious.
Show threadfoundseedJun 1
@evacide this is hacking in the same way walking thru an open door is breaking and entering
Show threadNetzblockiererJun 2
@evacide Yet another reason why I'd never use their products and/or services!
Show threadPasswordsarehard4Jun 2
@evacide I refuse to call that hacking. That’s like saying someone picked a lock when they tried the door handle and it was open.
Show threadDCKIM [toronto tech blog]Jun 2
@evacide Meta actually doesn't have real AI, it just re-routes everything to it's secret Kenyan Intelligentsia Super-Cell.
Show threadbookandswordblogJun 2
@evacide our generation remembers when it took a live human staffer to read some poor customer's private Gmail "for testing"
Show threadCarmen ZedlerJun 2
@evacide love it- or leave it! #meta
Show threadGiorgio Maone 🚫✊🧅Jun 2
@evacide A.Idiots.
Show threadRougeJun 2
@evacide
🤣🤣🤣🤣🤣
Show threadDisco3000Jun 2
@evacide this is so bad… there needs to be a new word for it! Mabye #metabad?
Show threadÖlbaumJun 3
@evacide Well, human workers wouldn’t have given the hackers access. The AI did. So the AI is doing more than human workers. QED.