Back
Technology

Researchers Demonstrate AI-Powered Computer Worm in Controlled Environment

Generated on: Last updated: 1 sources
View source

AI-Powered Computer Worm: A New Threat Emerges

Researchers at the University of Toronto's CleverHans Lab have developed a proof-of-concept AI-powered computer worm that could redefine the landscape of cyber threats.

"We did this research to understand the threat before bad actors figure it out themselves."
— Nicolas Papernot, CleverHans Lab

How It Works

The worm leverages publicly accessible open-weight AI models — smaller, relatively simple models that anyone can download and modify for free. Unlike their restricted counterparts, these models can be stripped of safety guardrails, allowing the worm to adapt its strategy as it spreads through a network.

It exploits known vulnerabilities in each device, takes control of machines, and uses their processing power to fuel further attacks. This self-perpetuating cycle allows the worm to expand its reach at the victim's own expense.

Testing and Scope

The prototype was tested in a secure digital lab, published on June 2, in a simulation of dozens of interconnected devices, including laptops, printers, and cameras.

The worm gathers information as it moves, revealing passwords and weak points on each device. This intelligence-gathering capability makes it highly adaptive and difficult to contain.

Critical Implications

  • Cost of attacks reduced to nearly zero — The worm uses stolen computing power, making large-scale attacks financially trivial for adversaries.
  • Beyond AI systems — It can operate outside AI systems to attack underlying software, putting a wide range of internet-connected devices at risk.
  • Current defenses may not be ready — Existing cybersecurity measures were not designed for this type of autonomous, AI-driven threat.

Response and Recommendations

The findings were shared with national science, security, and defense bodies before publication. Papernot emphasized the need for good security hygiene:

"Keep devices patched, use strong passwords, and enable multifactor authentication."

Researchers are urging IT professionals to shore up security settings, while users are advised to keep devices updated and use strong authentication.

Next Steps

The lab is actively developing countermeasures. Papernot acknowledged the contributions of co-authors Jonas Guan, Tom Blanchard, Hanna Foerster, Hengrui Jia, and Gabriel Huang.

Publishing the findings is intended to inform policymakers and the public so defenses can be developed before malicious actors exploit this technology.