X’s Grok may not be able to give you its unfiltered takes on the positives of Nazi ideology anymore, but it can still mess up your computer if you're not careful where you click.
Hackers are now using X’s in-house chatbot Grok to boost links and traffic to malicious adult websites, infecting unsuspecting users with malware, in a practice known as “Grokking.” According to research from Guardio Labs reported by BleepingComputer, cybercriminals will run video ads on X containing adult content to grab scrollers’ attention. Hackers then include a malicious link in the video’s metadata field, after the small "From:" beneath the video, which allows them to evade X’s tools that monitor malicious links.
The bad actors will then comment under the video, asking where the video is from. Grok will then serve up a fully functioning link to the malicious website, usually containing some form of malware. This type of public linking also has the effect of boosting the website's SEO ranking, as Grok's responses are indexed on Google.
Guardio Labs researcher Nati Tal suggested that you can protect yourself by carefully scanning all fields and enabling hidden link blocking on X, so it automatically checks links against blocklists.
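The gap described above, a link checker that reads the post text but not the video's "From:" metadata, can be shown with a short defensive sketch. This is an added example, not code from X, Guardio Labs or PCMag; the record layout, field names and domains are constructed placeholders.

```python
import re
from urllib.parse import urlsplit

# Constructed sample data: field names and domains are hypothetical, not X's schema.
BLOCKLIST = {"bad-redirect.example"}
AD_POST = {
    "body": "Watch the full clip",
    "video": {"title": "clip.mp4", "from": "promo.bad-redirect.example/watch?id=1"},
    "replies": [{"author": "user1", "text": "where is this video from?"}],
}

# Also matches scheme-less hosts, since a "From:" style field may hold a bare domain.
URL_RE = re.compile(r"(?:https?://)?(?:[a-z0-9-]+\.)+[a-z]{2,}(?:/[^\s\"'<>]*)?", re.I)

def iter_strings(node, path=""):
    """Yield (field_path, text) for every string anywhere in a nested record."""
    if isinstance(node, str):
        yield path, node
    elif isinstance(node, dict):
        for key, value in node.items():
            yield from iter_strings(value, f"{path}.{key}" if path else key)
    elif isinstance(node, list):
        for i, value in enumerate(node):
            yield from iter_strings(value, f"{path}[{i}]")

def host_of(url):
    """Return the lower-cased hostname, adding a scheme if the text has none."""
    if "://" not in url:
        url = "http://" + url
    return (urlsplit(url).hostname or "").rstrip(".").lower()

def is_blocked(host, blocklist=BLOCKLIST):
    """True if the host or any of its parent domains is on the blocklist."""
    labels = host.split(".")
    return any(".".join(labels[i:]) in blocklist for i in range(len(labels)))

def scan(record, fields=None):
    """Return (field_path, host) hits; fields=None means scan every field."""
    hits = []
    for path, text in iter_strings(record):
        if fields is not None and path not in fields:
            continue
        for match in URL_RE.finditer(text):
            host = host_of(match.group(0))
            if is_blocked(host):
                hits.append((path, host))
    return hits

if __name__ == "__main__":
    print("body only:", scan(AD_POST, fields={"body"}), "| all fields:", scan(AD_POST))
```

Scanning only `body` reports nothing, while scanning every field flags the host stored under `video.from`.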
X has yet to give any official commentary regarding the issue, though its engineers have unofficially acknowledged the problem to the security researcher.
But if you've been using X long enough, you may have already learned it's a good idea to double-check what you click. Numerous high-profile accounts have been hijacked to promote crypto scams, including one of OpenAI's unofficial accounts in late 2024. Meanwhile, though it might not cost you money directly, federal investigators have highlighted thousands of bots on the platform, allegedly spreading Russian state propaganda.


