Threat actors are exploiting X’s AI assistant Grok to bypass link posting restrictions and promote malicious links. This technique, called “Grokking,” amplifies scams involving malware, fake CAPTCHA tests, and ad networks reaching millions of impressions. #Grok #Xplatform #MaliciousLinks #Grokking
Keypoints
- Threat actors hide malicious links in the “From:” metadata field on X videos.
- Grok responds to user queries by parsing hidden fields and sharing malicious links.
- Grok’s trusted status boosts the credibility and reach of the malicious links.
- Links often lead to scams involving malware, fake CAPTCHA, and shady ad networks.
- Experts suggest scanning all fields, blocking hidden links, and sanitizing Grok to prevent abuse.