[xk3]

So the solution was to do the same thing that the hackers did??

> "tell the Meta support AI that the account is hacked and ask it to send the verification codes to an arbitrary email address they control"

I agree it seems like they could later use the same flow to get access again but maybe Meta has blocked some location spoofing now

[brianmcnulty]

Not exactly, I think part of the tools it has access to allows it to perform an "investigation" into recent malicious activity and account changes that may have occurred that were likely unauthorized (such as changing from an email used for a long period of time to a new one). I think this AI-version of this check was originally broken and just allowed any email but has now been fixed to only be emails that look like they were attached to the account, which is what the poster used to obtain access back into their account.

[parable]

The bug still exists - two of my friends have lost access to their accounts as of an hour ago. They've partially recovered but are unable to change their passwords, so their accounts are still technically in the hands of the attacker(s).

[brianmcnulty]

Yeah, it seems another ATO bug has popped up. I haven’t looked too much at it personally, but I hope Meta plans on taking their Meta AI Support Assistant offline until it undergoes far more rigorous security review.

[parable]

It seems pretty trivial to just add a check in the agent's tool call to determine if the email is actually the one on file (or one that has previously been on file). I'm not sure why it's taking them so long to remediate.