Keep repeating the same technique that got them into the machine in the first place, to infect even more machines. For example, the Shai-Hulud worm repeatedly targets npm package maintainers.
Notify an attacker-controlled machine and await further instructions from it. The attacker could do anything at this stage, such as lock the machine and ask for a ransom, include it as part of a botnet, or (most important for the current discussion) write a separate exploit or worm that can spread from that machine to even more machines.
My guess (haven't tested it out) is AI will make this last step more efficient.
Right now, the worm can only send data dumps to the attacker machine. For instance, it could send either a memory dump or a disk dump. Or it could use some simple heuristics to figure out what data is most important to send. Then the attacker has to sit and analyse everything and figure out what's the next step to spread the worm further. Do they use existing trusted connections, do they write a new exploit, and so on.
However, an AI that's actually good at cybersecurity could run on the compromised machine itself (or call OpenAI/DeepMind/etc. servers), identify exactly which other machines or people trust this machine or person, which of those trusted connections can be exploited, and perhaps even write the exploits on its own. For example, maybe this person publishes GitHub repos that other people trust, maybe someone transfers files from this machine to another using a USB drive, maybe other people trust the Gmail or Slack messages sent by the person operating this machine, and so on.
Maybe the attacker is still notified here, so the attacker decides whether to execute the exploit or not. After all, executing the exploit could reveal that the original machine was compromised, and there are pros/cons to this.
If you extrapolate this to the limit, you could end up with a sufficiently capable AI model taking over control of almost all machines on Earth. I am not sure if I want to extrapolate this idea that far, yet.