Cybercriminals ‘Grok’ Their Way Past X’s Defenses to Spread Malware

Cybercriminals ‘Grok’ Their Way Past X’s Defenses to Spread Malware

Cybercriminals ‘Grok’ Their Way Past X’s Defenses to Spread Malware

Image: Envato Elements

Hackers exploit X’s Grok AI to spread malware via promoted ads, exposing millions to malicious links in a scheme researchers call “Grokking.”

Écrit par
Matt Gonzales
Matt Gonzales
Sep 5, 2025
We may earn from vendors via affiliate links or sponsorships. This might affect product placement on our site, but not the content of our reviews. See our Terms of Use for details.

Threat actors have found a way to weaponize trust itself. By bending X’s AI assistant to their will, they’re turning a helpful tool into a malware delivery engine.

Hackers have turned X’s flagship AI assistant, Grok, into an unintentional accomplice in a massive malware campaign. By manipulating the platform’s ad system and exploiting Grok’s trusted voice, cybercriminals are smuggling poisoned links into promoted posts that look legitimate… and then using Grok to “vouch” for them.

The scheme fuses the reach of paid advertising with the credibility of AI-generated responses, creating a perfect storm for unsuspecting users. Security researchers warn that the method has already exposed millions of people to malicious websites, proving that even AI designed to inform and protect can be hijacked to deceive.

How ‘Grokking’ works

It starts with an ad, but it ends with a trap. What looks like a harmless promotion hides a toxic payload beneath the surface.

Researchers at Guardio Labs, led by Nati Tal, uncovered the technique in an age-restricted X post on Sept. 4 and dubbed it “Grokking.” Attackers hide malicious URLs in the “From:” metadata of video-card promoted posts — content X does not vet. These ads often use sensational or adult themes to lure users while concealing the actual link from moderators.

Next, the attackers reply to their own ads tagging Grok, saying something like “Where is this video from?” or “What’s the link to this video?” Grok, trusted by X as a system account, reads the hidden metadata and publicly reveals the link in its reply.

The result? Malware-laden links receive the twin boost of paid ad amplification and Grok’s credibility, a powerful combination that can generate hundreds of thousands to millions of impressions.

Dangerous AI repackaging: Grok, Mixtral, and WormGPT’s return

If criminals can twist Grok into a weapon, they can do the same with any AI. And that’s exactly what’s happening.

This Grokking scheme is just one prong of a growing wave of AI-enabled cybercrime. Security researchers have discovered new malicious AI variants, reviving the notorious WormGPT, built atop mainstream models like X’s Grok and Mistral’s Mixtral.

According to Cato Networks, threat actors are wrapping these commercial LLMs in jailbroken interfaces that ignore safety guardrails. One variant surfaced on BreachForums in February under the guise of an “Uncensored Assistant” powered by Grok. Another emerged in October as a Mixtral-based version.

For a few hundred euros, criminals gain access to AI tools specialized in crafting phishing emails, generating malware, code payloads, and even tutorials for novice hackers — without needing deep AI expertise.

This alarming trend highlights that the risk lies not in the AI models themselves, but in how adversaries exploit system prompts to bypass safety filters and repurpose LLMs as “cybercriminal assistants.”

Editor’s note: This content originally appeared in our sister publication eSecurity Planet

Matt Gonzales

Matt Gonzales is a technology journalist, editor, and content strategist with more than a decade of experience covering emerging technologies, enterprise IT, cybersecurity, artificial intelligence, and workplace innovation. As Managing Editor for eWeek and TechRepublic, he leads editorial strategy and newsroom operations while helping business and IT leaders navigate an evolving technology landscape. Throughout his career, Matt has held leadership roles overseeing content development, editorial planning, and newsroom operations across digital publications and enterprise media organizations. Before joining TechnologyAdvice, he served as an editor at SHRM, where he covered workplace trends and emerging technologies, and as Lead Writer and Editor for Marine Corps Systems Command, where he reported on defense technologies, innovation initiatives, and government technology programs. Matt's expertise spans cybersecurity, enterprise technology, AI, B2B software, technical writing, and digital publishing. He has reported on major technology developments, including the rapid evolution of generative AI, helping readers understand both the opportunities and risks associated with emerging technologies. His work combines deep research, editorial rigor, and practical business insights to make complex technical topics accessible to a broad audience. An award-winning journalist, Matt has earned recognition for excellence in reporting and editorial leadership. He holds a Bachelor of Science in Communication with a concentration in Journalism from East Carolina University and continues to focus on delivering trusted analysis and actionable insights for technology, cybersecurity, and business professionals.