An Instagram account assigned to former President Barack Obama, which has been inactive for almost a decade, has been hacked. Several AI-generated images were posted, believed to be of Iranian origin.

While it remains unclear exactly who was behind the hack, one of the images came with the caption “the White House is under Shiites' control."

Despite the message, the hack's true intention remains unclear. The caption suggests it could be a case of political provocation by Iranian hackers.

Obama wasn’t the only notable Instagram breach over the weekend. The Chief Master Sergeant of the US Space Force, John F. Bentivegna, also had his account looted.

The hackers wasted no time in broadcasting Iranian propaganda, coupled with footage from anti-American sentiment from Vietnamese radio broadcaster Hanoi Hannah.

As yet, nothing has been confirmed, but speculation is mounting that this could all be a part of an Iranian coordinated cyberattack on high-visibility American accounts.

Parent platform Meta confirmed that the account had been hacked, and the content was removed shortly thereafter.

🚨 Instagram had an exploit that allowed you to use Meta AI to reset passwords to accounts with no MFA on them. The exploit was patched a short time ago.pic.twitter.com/PEUwLvmllj

undefined Dark Web Informer (@DarkWebInformer) June 1, 2026

How did it happen?

Shortly after this attack,security researcher Dark Web Informer posted on their own social media that threat actors have recently been targeting high-profile Instagram accounts, via shortcuts with the Meta Chatbot.

Conversations are had with Meta’s AI powered password recovery assistant, manipulating the logical process normally used to send password recovery codes needed in order to access the account.

Using the intercepted reset codes, attackers are then able to take over the accounts, and potentially spam them with propaganda or resell them for profit.

This often happens very quickly, before Meta is able to patch the particular flaw.

Dormant accounts provide easy access

Perhaps it was the account's inactivity that outlasted security teams and the password changes needed to man the digital fort.

However, on May 29th, the US Department of State released a statement outlining its commitment to “dismantling a sophisticated Iranian network that impersonated and defrauded American businesses to obtain sensitive technology for the Iranian regime’s military.”

Curious what others think about this story? Contribute your thoughts to the debate below.

And in December 2025, Meta even highlighted its robust initiative to protect user accounts against hacks and the misuse of AI. In fact, it even boasted a 30% decrease in new account hacks that year.

Now that the dormant Obama account has been penetrated, the conversation about both high-profile and everyday cybersecurity looks set to swell once more.

---