Malware: KI generates barely stickable worm

IT researchers investigate whether artificial intelligence is a threat. They have developed a new type of threat: an AI worm that starts tailor-made attacks on any target he encounters.

An IT research team consisting mainly of scientists from the University of Toronto, the Vector Institute, the University of Cambridge and ServiceNow Research has published a pre-print of his research work “KI agents enable adaptive computer worms” (AI Agents Enable Adaptive Computer Worms) on arxiv.org. Accordingly, they have developed a worm that is hardly to be stopped, which moves from device to device and thereby develops adapted exploits for vulnerabilities for the respective goals and thereby continues to grow.

Computer worms are known and feared, they usually spread rapidly into networks without further user interaction, can paralyze them or distribute other malware. Previously, known worms such as WannaCry specifically use individual vulnerabilities in the targeted devices. By applying ready patches, the gaps can be closed and the further spread of these worms can be stopped. This now looks different with the autonomously acting AI worm.

Wurm cuts custom exploits with LLMsThe worm of IT researchers uses infected computers to open large language models (LLMs). He thus maintains his decision-making capacity and increases his range for further attacks, explains the scientists. You have it in an isolated network Linux- Windows- and IoT devices exposed and spread in it by exploiting common vulnerabilities in corporate networks. Since the LLMs run on the calibrated computers, the attackers also have no costs for computing power – unlike the “defense side”, which attempts to prevent such attacks by means of AI.

The IT researchers also use this approach to the increasingly used central security cheques and, for example, rate limits in the commercial AI offerings. Self-preserved AI-supported cyber threats are no longer pure theory, complement IT researchers.

Test runs in isolated network

Specifically, they exposed their worm in an isolated network with 33 devices. They ranged from Linux servers to Windows environments to Internet of Things (IoT). However, IT researchers have left known vulnerabilities open here, which also occur in free wildlife. In several test runs, each running over seven days, the AI worm has detected around one third of the vulnerabilities correctly and abused overall on a quarter of the machines to extend its own rights. He also spread to around 20 percent of the devices and achieved seven generations of self-reproducing. The scientists summarize: The proof-of-concept worm successfully attacked just under 75 percent of the network and replicated to just under two thirds of the network.

It is also surprising that about three of the vulnerabilities have become known in 2026, which is beyond the LLMs training cautoff. They have therefore developed automatically operating exploits from published information. They are therefore not dependent on known PoC exploits.

Video by heise

The scientists warn: “We need to adapt to autonomous generative opponents: malware systems that spread without human intervention and are not defined by defined exploit code, but by the ability to analyse goals, adapt to observations and develop attack logic in real time.”

(dmk)