- 841
- 224
Guardio Labs analysts have noticed that attackers are using the Grok AI assistant, integrated into the X social network, to bypass the restrictions on posting links that the platform implements to combat malicious advertising.
The researchers say that advertisers often post questionable videos containing adult content and avoid including the link in the body of the post itself to avoid detection and blocking. Instead, they hide the link in the “From:” metadata field, which is located below the video and, apparently, is not checked for malicious links. The attackers then reply to their own publication and ask Grok a question. For example, “Where is this video from?” or “Where is the link to this video?” Grok analyzes the “From:” field and sends a response with a full-fledged malicious link, allowing the user to click on it and go directly to the malicious site. Since Grok is a trusted system account in X, publishing it increases the authority of the link, its reach, SEO, and reputation, increasing the likelihood that it will be shown to a large number of users. Experts write that many of these links direct users to dubious advertising networks, after which victims see fake CAPTCHAs, can download infostealers and other malware. The researchers named this tactic "Grokking" and note that these attacks are quite effective: in some cases, they can reach millions of impressions of malicious ads, as shown in the screenshot below. To combat this problem, experts suggest implementing scanning of all fields, blocking hidden links, and adding context cleaning to Grok so that the AI assistant does not repeat any links at the request of users, but filters addresses and checks against blacklists. The researchers have already passed on all the collected information to X engineers, and have received unofficial confirmation that the report has been sent to the Grok developers. @ xakep.ru
The researchers say that advertisers often post questionable videos containing adult content and avoid including the link in the body of the post itself to avoid detection and blocking. Instead, they hide the link in the “From:” metadata field, which is located below the video and, apparently, is not checked for malicious links. The attackers then reply to their own publication and ask Grok a question. For example, “Where is this video from?” or “Where is the link to this video?” Grok analyzes the “From:” field and sends a response with a full-fledged malicious link, allowing the user to click on it and go directly to the malicious site. Since Grok is a trusted system account in X, publishing it increases the authority of the link, its reach, SEO, and reputation, increasing the likelihood that it will be shown to a large number of users. Experts write that many of these links direct users to dubious advertising networks, after which victims see fake CAPTCHAs, can download infostealers and other malware. The researchers named this tactic "Grokking" and note that these attacks are quite effective: in some cases, they can reach millions of impressions of malicious ads, as shown in the screenshot below. To combat this problem, experts suggest implementing scanning of all fields, blocking hidden links, and adding context cleaning to Grok so that the AI assistant does not repeat any links at the request of users, but filters addresses and checks against blacklists. The researchers have already passed on all the collected information to X engineers, and have received unofficial confirmation that the report has been sent to the Grok developers. @ xakep.ru