AI worm can spread across devices without human help, researchers warn

Researchers have developed a proof-of-concept AI worm capable of spreading between devices without any human interaction, according to a study published by Live Science. The worm leverages large language models to make autonomous decisions that traditionally require a human hacker, such as identifying targets and navigating networks. The team warns that this type of malware could evolve to bypass conventional security measures.

Unlike typical worms that rely on predefined instructions, this AI-driven variant adapts its behavior in real time. By exploiting vulnerabilities in generative AI systems, it can hijack these models to generate new attack vectors on the fly. The researchers stressed that patching alone cannot stop such threats, as the worm's decisions are not limited to known exploits.

The experiment was conducted using a relatively modest budget, highlighting how accessible this technology is to malicious actors. The worm was tested in a controlled environment, demonstrating its ability to move between email clients and retrieve data without triggering alarms. However, the researchers did not release the worm's code to the public.

Critics argue that the threat may be overstated, given that the worm currently requires specific system vulnerabilities to operate effectively. One expert noted that real-world deployment would likely be limited by existing defenses and network segmentation. The study's authors acknowledge that widespread harm is not imminent but emphasize the need for proactive defenses.

The development underscores a growing concern in cybersecurity: as AI tools become more powerful, so too will the malware that exploits them. Security firms are already exploring how to detect such autonomous threats before they become mainstream.