APT / THREAT GROUP
GROK
2
aliases
Last seen:Mar 17, 2026
Intelligence Profile
Malware family tracked by Malpedia. ID: win.grok
Threat Analysis
GROK is a known-sophistication threat actor of undetermined national origin, engaged in cyber operations with a primary motivation of unknown activity patterns.
Intelligence Reports Mentioning GROK
Grok Is Still Hosting Sexualized Deepfakes of Famous Women
Wired Security· Jun 11, 2026
xAI Asks Court to Strip Alleged Grok Deepfake Nudes Victims of Anonymity
Wired Security· Jun 3, 2026
UK government threatens tech bosses with jail time if they do not adequately fight nudification tools
The Record· Apr 10, 2026
Dutch court threatens xAI with fines over Grok's nonconsensual nude images
The Record· Mar 27, 2026
Global data protection authorities warn generative AI companies against replicating real people
The Record· Feb 23, 2026
AI platforms can be abused for stealthy malware communication
BleepingComputer· Feb 18, 2026
Researchers Show Copilot and Grok Can Be Abused as Malware C2 Proxies
The Hacker News· Feb 17, 2026
External References
Quick Facts
TypeAPT / Threat Group
Aliases2
Also Known As
win.grokGROK
External Intelligence
Malpedia: win.grokResearch Links
Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.