Hackers can turn Grok, Copilot into covert command-and-control channels, researchers warn
Summary
Researchers have discovered that attackers can abuse web-based AI assistants like Grok and Microsoft Copilot to create command-and-control channels (hidden communication paths between malware and attackers), hiding malicious traffic within normal AI service traffic that organizations typically allow through their networks without inspection. This technique works because many companies grant unrestricted access to popular AI platforms by default, allowing malware to receive instructions through the AI assistants while remaining undetected.
Solution / Mitigation
Security leaders should apply governance discipline similar to high-risk SaaS (software-as-a-service, cloud-based software) platforms. Specifically, organizations should start by creating a comprehensive inventory of all AI tools in use and establishing a clear policy framework for approving and enabling them. The source text is incomplete but indicates that implementing AI-specific controls was being recommended; however, the full recommendation is cut off and not available in the provided content.
Classification
Affected Vendors
Related Issues
Original source: https://www.csoonline.com/article/4134419/hackers-can-turn-grok-copilot-into-covert-command-and-control-channels-researchers-warn.html
First tracked: February 19, 2026 at 07:00 AM
Classified by LLM (prompt v3) · confidence: 85%