AI-Powered Computer Worm Reveals New Cybersecurity Threat
Researchers at the University of Toronto have demonstrated a new form of AI-powered computer worm that can adapt its attacks as it moves through a network, raising concerns that hackers could use freely available AI models to launch autonomous malware campaigns.
The research, conducted in a secure and isolated digital environment, showed that an AI-driven worm could spread across networks without human intervention while continuously adjusting its tactics to exploit vulnerabilities on different devices. The work is described in a newly released paper that has not yet undergone peer review.
Unlike traditional worms, which rely on a fixed set of instructions and target specific software flaws, the prototype developed by the Toronto team used an open-weight AI model to analyze its surroundings, identify weaknesses and generate customized attack strategies for each system it encountered.
Significantly, the use of open weight models suggests that advanced cyberattacks may no longer require access to the most sophisticated AI systems.
The research team withheld technical details that could aid malicious actors and tested the technology only in a controlled environment disconnected from the public internet.
The worm was created to operate across mixed environments that included Windows, Linux and edge devices like cameras and printers. Once a device was compromised, the malware could use that machine’s computing resources to support further attacks, effectively allowing the worm to expand using the infrastructure of its victims.
Nicolas Papernot, a University of Toronto professor who led the research effort, said the project was undertaken to better understand emerging threats before they appear in real-world attacks. The team sought to determine whether publicly available AI models, which can be downloaded and modified by anyone, were powerful enough to enable self-sustaining cyberattacks.
Like Earlier Worms, With One Key Difference
The researchers found that the AI-enhanced worm could gather information as it spread, including passwords, system configurations and other indicators that could reveal additional attack paths. This ability to learn from each compromised device is a key difference with earlier malware, which was limited to predefined attack sequences.
The work recalls the impact of historic worms like WannaCry, Conficker and SQL Slammer, which spread rapidly by exploiting known vulnerabilities. However, those attacks generally depended on a single weakness. The AI-powered prototype demonstrated an ability to pursue different attack methods depending on the characteristics of each target.
Some cybersecurity specialists caution that laboratory demonstrations do not always translate into large-scale real-world attacks. AI systems remain prone to errors, and unpredictable behavior could trigger existing security defenses before major damage occurs.
Still, security pros view the research as an important warning. The key point here is that defenders need to begin developing protections against AI-enhanced malware now rather than waiting for attackers to deploy it.
The researchers emphasize that the same technologies can also be used defensively. AI systems capable of identifying vulnerabilities could help organizations locate and remediate weaknesses before they are exploited. Future versions of the technology could potentially scan networks and automatically apply fixes rather than launch attacks.
