Madrid, Oct. 16, 2025 (Lusa) - A new malicious ad campaign has managed to manipulate Grok, the Artificial Intelligence (AI) model of the X social network, to spread phishing links and malicious software on a large scale, warns cybersecurity platform ESET.
The campaign is able to bypass X's advertising restrictions, which are designed to prevent fraudulent adverts.
The restrictions are bypassed by publishing videos with clickbait content whose source information includes, instead of the name of a media outlet, a fraudulent link that redirects to phishing pages and scams.
Phishing campaigns are a type of cybercrime that involves sending fraudulent messages from a supposedly secure source with the aim of stealing personal and sensitive information.
In the case of the social network X, this campaign is characterised by manipulating Grok into spreading the link on a large scale, with the cybercriminals using the chatbot to identify the source of the video.
By analysing the publication, the AI model detects the embedded link and repeats it automatically, extending the reach of the malicious information.
This is a form of “instruction injection” attack, in which cybercriminals introduce hidden instructions into content processed by Artificial Intelligence (AI) systems to make them carry out actions that would otherwise be blocked.
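A defensive sketch of the flow described above, added here as an example and not taken from ESET or X: before an assistant's reply is published, any link whose host appears in the post's own (untrusted) fields and is not on an allowlist is removed and defanged. The field names, the allowlist and the sample post are constructed assumptions.

```python
import re
from urllib.parse import urlsplit

# Hypothetical allowlist of outlets whose links the assistant may repeat.
TRUSTED_HOSTS = {"example.org"}
# Matches links with or without a scheme, e.g. "site.tld/path".
URL_RE = re.compile(r"(?:https?://)?(?:[a-z0-9-]+\.)+[a-z]{2,}(?:/[^\s<>\"']*)?", re.I)

def host_of(url):
    """Lower-cased hostname of a link, with or without a scheme."""
    if "://" not in url:
        url = "//" + url
    return (urlsplit(url).hostname or "").lower()

def is_trusted(host):
    return any(host == t or host.endswith("." + t) for t in TRUSTED_HOSTS)

def defang(url):
    """Make a link non-clickable for logs and moderation queues."""
    return url.replace("http", "hxxp", 1).replace(".", "[.]")

def filter_reply(post, draft_reply):
    """Remove from the reply every link whose host came from the post itself."""
    tainted = {host_of(m.group(0))
               for value in post.values() for m in URL_RE.finditer(value)}
    tainted = {h for h in tainted if not is_trusted(h)}
    blocked = []

    def replace(match):
        raw = match.group(0)
        url = raw.rstrip(".,;:!?)")          # keep sentence punctuation outside
        if host_of(url) not in tainted:
            return raw
        blocked.append(url)
        return "[link removed: " + defang(url) + "]" + raw[len(url):]

    return URL_RE.sub(replace, draft_reply), blocked

# Constructed sample: a promoted video whose source field carries a link.
SAMPLE_POST = {"text": "You won't believe this!",
               "video_source": "clips-example.invalid/watch"}
SAMPLE_DRAFT = ("The video comes from clips-example.invalid/watch. "
                "See also https://news.example.org/world for coverage.")

if __name__ == "__main__":
    reply, blocked = filter_reply(SAMPLE_POST, SAMPLE_DRAFT)
    print(reply)
    print("blocked:", blocked)
```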
This campaign of malicious adverts has been dubbed ‘Grokking’ due to the role AI plays in disseminating information, and specifically because Grok is the chatbot chosen for this purpose.
Although AI was already known to be used in malicious campaigns, in this case criminals exploit Grok's reputation as a source of information, with the potential to reach millions of viewers.
However, as ESET makes clear, the impact is not limited to the social network X, but can extend to any platform that integrates language models or AI-based assistants.
ESET is an online security platform that aims to build a resilient digital environment by combining AI and human knowledge.
PYR/ADB // ADB.
Lusa