
Malicious link spreading via X's Grok AI

3 unique sources, 3 articles

Summary


Threat actors exploit X's Grok AI to bypass link posting restrictions and spread malicious links. They embed links in the 'From:' metadata field of video ads, prompting Grok to reveal the links in replies. This technique, dubbed 'Grokking,' boosts the credibility and reach of malicious content, leading users to scams and malware. The abuse affects millions of users, with Grok's trusted status amplifying the spread of malicious ads. Potential solutions include scanning all fields, blocking hidden links, and sanitizing Grok's responses to prevent it from echoing malicious links. The malicious links are part of a Traffic Distribution System (TDS) used by malicious ad tech vendors, and the operation involves hundreds of organized accounts. The Grok 4 model's security is fundamentally weaker than its competitors, relying heavily on system prompts that can be easily bypassed.
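The two mitigations named above, scanning every field of a post and sanitizing the assistant's reply, can be sketched as follows. This is an added example, not code from X, Guardio Labs or the cited articles; the post schema, the `media[].card.from` field name, the sample domain and the allow-list are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Explicit URLs and bare domains ("host.tld/path"); over-matching is acceptable for a scanner.
URL_RE = re.compile(r"(?:https?://)?(?:[a-z0-9-]+\.)+[a-z]{2,}(?:/[^\s\"'<>]*)?", re.I)

def find_links(value, path=""):
    """Yield (field_path, link) for every string anywhere in a nested record."""
    if isinstance(value, dict):
        for key, item in value.items():
            yield from find_links(item, f"{path}.{key}" if path else key)
    elif isinstance(value, list):
        for i, item in enumerate(value):
            yield from find_links(item, f"{path}[{i}]")
    elif isinstance(value, str):
        for match in URL_RE.finditer(value):
            yield path, match.group(0)

def hidden_links(post, body_fields=("text",)):
    """Links located outside the fields a body-only link filter inspects."""
    return [(p, link) for p, link in find_links(post) if p not in body_fields]

def host_of(link):
    """Lower-cased hostname of a URL or bare domain."""
    if "://" not in link:
        link = "//" + link
    return (urlsplit(link).hostname or "").lower()

def sanitize_reply(reply, allowed_hosts):
    """Replace every link whose host is not exactly allow-listed."""
    def replace(match):
        link = match.group(0)
        return link if host_of(link) in allowed_hosts else "[link removed]"
    return URL_RE.sub(replace, reply)

# Constructed sample: hypothetical post schema with the link in a media "from" field.
SAMPLE_POST = {
    "text": "Watch this clip",
    "media": [{"type": "video", "card": {"from": "promo-redirect.example/land"}}],
}
# Constructed assistant reply that echoes the metadata value.
SAMPLE_REPLY = "This video is from promo-redirect.example/land and help is at https://x.com/help"

if __name__ == "__main__":
    print(hidden_links(SAMPLE_POST))
    print(sanitize_reply(SAMPLE_REPLY, {"x.com"}))
```

The scanner reports the field path alongside each link, so a moderation pipeline can tell a link in the post body from one placed in metadata that a body-only filter never reads.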

Timeline

  1. 05.09.2025 18:41, 1 article

    Security vulnerabilities in Grok 4 model revealed

    The Grok 4 model's security is fundamentally weaker than its competitors, relying heavily on system prompts that can be easily bypassed. This vulnerability allows threat actors to exploit Grok for spreading malicious links, highlighting the need for improved security measures in AI models. The AI space prioritizes model performance over security, leading to vulnerabilities like those exploited in the 'Grokking' technique. The article discusses the broader implications for AI security in the ad tech industry.

  2. 04.09.2025 01:01, 3 articles

    Grok AI exploited to spread malicious links on X

    Threat actors began using X's Grok AI to bypass link posting restrictions and spread malicious links. The technique, named 'Grokking,' involves embedding links in the 'From:' metadata field of video ads, which Grok then reveals in replies. This method boosts the credibility and reach of malicious content, leading to widespread scams and malware distribution. The issue was discovered by Nati Tal from Guardio Labs, who reported it to X. The malicious links are hidden in the 'From:' metadata field of video ads, which X does not scan. The technique involves tagging Grok in replies to display the hidden links, exploiting Grok's trusted status. The links direct users to sketchy ad networks, pushing fake CAPTCHA scams, information-stealing malware, and other suspicious content. The domains involved are part of a Traffic Distribution System (TDS) used by malicious ad tech vendors. Hundreds of accounts are engaging in this behavior, posting continuously until suspension. The operation appears organized, with many accounts involved in the malicious activity. The article provides an in-depth look at the 'Grokking' technique, detailing how threat actors use X's Grok AI to spread malicious links. It highlights the rapid spread of this technique, the involvement of multiple accounts, and the security vulnerabilities in Grok's model. The article also discusses potential mitigations and the broader implications for AI security in the ad tech industry.


Similar Happenings

ScarCruft's RokRAT Malware Campaign Targeting South Korean Academics

ScarCruft (APT37) has launched a phishing campaign, dubbed Operation HanKook Phantom, targeting South Korean academics and researchers. The campaign uses RokRAT malware to steal sensitive information and conduct espionage. The attacks involve spear-phishing emails with malicious ZIP attachments that drop RokRAT onto compromised systems. The malware exfiltrates data via cloud services. The campaign specifically targets individuals associated with the National Intelligence Research Association, including academics, former government officials, and researchers. The attacks aim to steal sensitive information, establish persistence, or conduct espionage. The malware is capable of collecting system information, executing arbitrary commands, enumerating the file system, capturing screenshots, and downloading additional payloads.

Brokewell Android malware delivered via fake TradingView ads

A malware campaign targeting Android users has been using fake TradingView ads to deliver the Brokewell malware since at least July 22. The malware, which has been active since early 2024, steals sensitive data, provides remote control, and monitors compromised devices. The campaign uses Meta's advertising platforms to lure victims with promises of a free TradingView Premium app. The malware is highly advanced, featuring extensive capabilities to hijack and control devices. The campaign specifically targets cryptocurrency assets and has been running through an estimated 75 localized ads. The malware is distributed via a malicious APK file hosted on a fake TradingView site. Once installed, the malware requests extensive permissions and can perform a wide range of malicious activities, including stealing authentication codes, intercepting messages, and remotely controlling the device.

APT29 Watering Hole Campaign Targeting Microsoft Device Code Authentication

Amazon disrupted an APT29 watering hole campaign targeting Microsoft device code authentication. The campaign compromised websites to redirect visitors to malicious infrastructure, aiming to trick users into authorizing attacker-controlled devices. The operation leveraged various phishing methods and evasion techniques to harvest credentials and gather intelligence. APT29, a Russia-linked state-sponsored hacking group, used compromised websites to inject JavaScript that redirected visitors to actor-controlled domains mimicking Cloudflare verification pages. The campaign aimed to entice victims into entering a legitimate device code into a sign-in page, granting attackers access to Microsoft accounts and data. The activity involved Base64 encoding to conceal malicious code, setting cookies to prevent repeated redirects, and shifting to new infrastructure when blocked. Amazon's intervention led to the registration of additional domains by the actor, continuing the campaign's objectives. The campaign reflects an evolution in APT29's technical approach, no longer relying on domains that impersonate AWS or social engineering attempts to bypass multi-factor authentication (MFA).

TamperedChef Malware Campaign Targets Users via Malvertising

A cybercrime campaign has been identified, using malvertising to deliver a new information stealer called TamperedChef. The malware is disguised as a free PDF editor, AppSuite PDF Editor, and is distributed through fraudulent websites promoted via Google ads. Once installed, TamperedChef steals sensitive data, including credentials and web cookies. The campaign began on June 26, 2025, with malicious capabilities activated on August 21, 2025. The malware operates as a backdoor, supporting various features for data exfiltration and system manipulation. The campaign leverages multiple bogus sites and Google advertising campaigns to distribute the trojanized PDF editor. The malware sets up persistence on the host system and communicates with a command-and-control (C2) server to execute various malicious actions. The campaign's timeline suggests a strategic approach to maximize downloads before activating malicious features. The campaign is part of a larger operation involving multiple apps that can download each other, some of them tricking users into enrolling their system into residential proxies. More than 50 domains have been identified to host deceiving apps signed with fraudulent certificates issued by at least four different companies. The threat actor used at least 5 different Google campaign IDs, suggesting a widespread campaign.

Blind Eagle's Five Activity Clusters Target Colombian Government and Other Sectors

Five distinct activity clusters linked to the Blind Eagle threat actor have been observed targeting Colombian government entities and other sectors between May 2024 and July 2025. The attacks primarily focus on local, municipal, and federal government levels, with a mix of cyber espionage and financially driven motivations. The campaigns employ a variety of remote access trojans (RATs), phishing lures, and dynamic DNS infrastructure. The operations span multiple sectors, including financial, petroleum, energy, education, healthcare, manufacturing, and professional services. The attacks involve spear-phishing lures impersonating local government agencies and use compromised email accounts to send malicious messages. The group leverages legitimate internet services for staging payloads to evade detection. The campaigns have used Visual Basic Script files as droppers to execute PowerShell scripts that download various RATs, including Lime RAT, DCRat, AsyncRAT, and Remcos RAT.