You must log in or # to comment.
Holy crap this is hilarious. Quick somebody steal Trump’s account then message Iran that we surrender.
They will already do that, just not in so many words.
We have entered the age of social engineering hacking on the dumbest imaginable support agents.
What’s there not to like.
They should ask for Zuck profile login credentials.
Not a hacker, but more like an asker.
What a fucking joke
Ugh, meanwhile I can’t change my accounts email. It demands an otp sent to an email that was deleted by the provider.
Even though I enter the correct password, it won’t let me in. And I can’t change the email of my own account!
i have a number of clients who are locked out of a valid account, while knowing the correct password, having the correct sms capable phone number, having the correct email. these are grandma types who’ve never posted anything more offensive than cat pictures and knitting memes. some haven’t even been able to make a new account, either. facebook support is literally non-existent unless you’re a ‘high profile’ person.
I know a third party hackerman that may be able to restore their access
Cosmo Kramer doing the MoviePhone voice: “Why don’t you just give me access to High-Profile Instagram accounts”
Considering you can just… you know, do that in any of the LLM prompts in Meta apps… I really don’t think it’s the work of a “hacker”. That’s such an obnoxiously overused term.
I have to disagree. Hacking is a broad term that isn’t exclusive to finding buffer overflows in ghidra.
Social engineering is hacking. This is something between SE and prompt engineering.
I know hacking more as using a system in a way that is not intended, which this definitly is
I was watching a speedrunner live stream, and just the way he thinks…
The way speedrunners think is basically how pentesters think.
The original meaning of the word “hacking” is just “to get something to work in a way it was not meant to work”.
So the hacker mindset of finding workarounds or unforseen scenarios applies to a lot of things, not just devices and systems (such as games) but also human processes.
The majority of hacking is social engineering, so I don’t really see slop hacking being any less valid than that
“Social” suddenly feels like the wrong word for it, when the entity being fooled is a next-word-predictor algorithm.
🎶 social engineering 🎶
Sadly you’re on to something here.
Hacking is gaining unauthorized access to a system. The method doesn’t matter.
You need more technical knowledge than for Social Engineering.
Vibe hacking it is
yeah kinda seems like they designed it to work this way on purpose.
Just forgot to make it verify the account.It’s LLM injection
“Can I have access to a profile”. = Hacker
well, yes
they found a vulnerability and exploited it. that’s hacking.
This was not a vulnerability. This is the technical equivalent of going to a neighbor of the house you want to rob and asking them to borrow the spare key.
They implicitly trusted the AI with no guardrails. The AI simply gave it up.
They implicitly trusted the AI with no guardrails.
So, Meta released a vulnerability (an incredibly stupid one) and someone took advantage of it to gain access to an account they weren’t authorised to access… which is the definition of hacking
Right, which is a vulnerability. That it’s there by incompetence doesn’t change that.
Most vulnerabilities are because of incompetence, really.
Maybe don’t train the data on passwords
