Researchers demonstrate AI-powered worm that generates tailored attack strategies for each target without human operators

Researchers deployed a self-propagating worm across a network of Linux, Windows, and IoT devices that exploited common corporate network vulnerabilities. The worm uses open-weight large language models (LLMs—AI systems that understand and generate text) running on compromised machines to reason about targets and generate customized attack logic in real time.

Unlike traditional worms like WannaCry that rely on fixed exploit code for predetermined vulnerabilities, this AI-driven worm adapts to each target it encounters. Because it parasitically uses stolen compute from infected machines, the attacker's marginal cost per new infection is zero, creating what researchers describe as a destabilizing economic asymmetry between attackers and defenders.

The worm operates without dependency on commercial AI platforms or centralized safety controls, making service refusals and rate limiting structurally irrelevant as defense mechanisms. Researchers conclude that self-sustaining AI-driven cyber-threats are no longer theoretical and that autonomous generative adversaries—malware systems defined by reasoning capacity rather than fixed code—require new preparation strategies.