Hackers Exploit X’s Grok AI to Spread Hidden Malicious Links

Cyber criminals have found a new way to spread scams on X by using its own built-in AI assistant, Grok, to bypass strict link posting rules and push dangerous ads to millions of users.

How attackers trick Grok into sharing hidden links

Researchers at Guardio Labs discovered that malicious advertisers are abusing Grok to get around restrictions on posting suspicious links. Instead of placing the link in the body of an ad, where it would normally be flagged, attackers hide it in the small “From” field of the video card metadata. This field is often ignored by X’s automated systems.

Once the ad is live, the attackers or fake accounts reply to it with questions like “where is this video from” or “what is the link to this video.” Grok scans the hidden field and then posts the full link in a clickable format.

Because Grok is a trusted system account, its reply makes the malicious link look safe and credible.

Why this method is dangerous for users

Grok’s replies do more than just share the hidden link. They give the post a boost in visibility and legitimacy, since system-generated responses are more likely to be trusted.

This amplification makes it easier for attackers to push harmful sites that lead to:

• Fake security checks such as CAPTCHA tests

• Scam pages designed to steal personal details

• Malware downloads that infect devices

The researcher who uncovered the loophole, Nati Tal, noted that some of these malicious ads reached millions of impressions before being flagged, showing how effective this method can be.

What experts call “Grokking”

Tal has given this technique a name: “Grokking.” It refers to exploiting the AI’s blind spot by making it echo hidden information without checking if it is safe.

The problem is not just the hidden link, but that the AI assistant promotes it automatically. By doing so, attackers not only bypass X’s restrictions but also gain free promotion from the platform’s own technology.

The scope of the problem is significant. According to Tal’s research, attackers often funnel users through shady ad networks before landing them on malicious sites, making it harder for victims to trace the threat back to the original ad.

Potential fixes and platform response

Experts suggest several ways to stop Grokking. These include:

• Scanning all metadata fields for hidden links

• Blocking links placed in ignored or unused fields

• Adding filters to Grok so it does not automatically echo suspicious content

Tal confirmed he reported the issue to X and was told that Grok’s engineers received the information, though no official public response has been issued yet.

A request for comment from X has gone unanswered, leaving uncertainty over whether the platform will act quickly to close the loophole.

Why this matters for everyday users

The rise of Grokking highlights how attackers are quick to exploit new tools, even those designed to help users. For millions who use X daily, this tactic makes it harder to tell if a link is safe.

AI-generated trust can be weaponized. A reply from a system account looks more reliable than a suspicious user profile, so many people may click without thinking twice. The speed and reach of X’s platform mean even short-lived campaigns can harm thousands of users in minutes.

As social media platforms continue to integrate AI, the balance between innovation and security is becoming more urgent than ever.

Cyber criminals have once again proven that they can turn trusted tools into attack vectors. This time, they are exploiting X’s Grok to push hidden malicious links to millions. Whether the platform responds quickly could determine how safe its users remain. What do you think about this loophole being used in plain sight? Share your thoughts and let others know by spreading this article.