Title: AI Agents Power Self-Adapting Computer Worms

Abstract: Computer worms are a form of malware that propagates across networks by copying themselves from one device to another. Conventional worms, such as WannaCry, relied on known, pre-existing vulnerabilities, allowing their spread to be stopped through patching. This study reveals a novel threat enabled by artificial intelligence (AI) agents: a worm capable of crafting customized attack strategies for every target it meets. By hijacking compromised systems to run open-weight large language models (LLMs), the worm leverages stolen computing power to maintain its reasoning capabilities and expand its reach. Tested on a network comprising Linux, Windows, and IoT devices, the worm successfully spread by targeting prevalent vulnerabilities found in corporate environments. Because the worm utilizes the resources of infected machines, the attacker incurs zero marginal cost for each new infection, creating a destabilizing economic imbalance between offensive and defensive parties. Furthermore, since the worm does not depend on commercial AI platforms, centralized safety mechanisms like service denials or rate limits are inherently ineffective. These findings prove that self-sustaining, AI-driven cyber threats have moved from theory to reality. We must now prepare for autonomous generative adversaries: malware systems that operate without human intervention, defined not by static exploit code, but by their ability to reason about targets, adapt to new information, and generate attack logic in real time.

Source: arXiv Generated at: 2026-06-03 00:00:00 UTC