It's not fully described how things work exactly, but apparently it does not transfer entire LLMs as part of the worm. Now that would be interesting :)
I think an approach could be to use some engineered security issue or however people build botnets, and give it some AI llm that is small and minimal but comes with instructions to download models from hugging face, and some other minimal prompts and descriptions of tools. Then it could use this to grow in infected computers and try find more capable and vulnerable computers to run better capable models and also devise some minimal communication between the different points of the botnet. Perhaps set itself a goal to dominate the biggest amount of compute and have some other goal. Would be curious to see what happens.
> The worm parasitically uses compromised machines to run open-weight large language models (LLMs) to sustain its reasoning, or extend its reach for further attacks.
Did people doubt that this was theoretically possible? Seems self-evident to me. The interesting thing will be seeing it in the real world rather than in a controlled environment where they deliberately made all devices on the network have a known vulnerability.
Obvious pattern of using ai to replace human reasoning in a proven methodology of malware distribution, C&C, and network infiltration obviously possible, say researchers.
Researchers use AI to create the torment nexus using commodity hardware, demonstrating the very real threat that AI could enable attackers to create torment nexus nodes using commodity hardware. “It wasn’t even that hard !“ says one researcher. Firmware available to qualified researchers who pinky swear that it will not be leaked.
Researchers set fire to laboratory with gasoline, killing seven volunteer victims, demonstrating that laboratory fires are a real risk and can carry significant consequences, especially when gasoline is involved.
ANY online device? Even assuming AI can find vulnerabilities in every operating system, there's no indication that this is actually true beyond a "here's how it could work"
This is the same nonsense that lead to article saying researchers had created a wormhole when all they had done was draw one.
I have a microcontroller with an ROM disk (i.e., physically read only). You're telling me that an AI can find a way around the physics of not being able to mutate ROM and exploit it?
I made a tiny ai bug hunting harness (<4MB) that has everything (except the model obviously). It was designed for pentesting purposes where the tiny size matters to make it more portable between environments.
The intended purpose is not to be used as a worm but it does not take a genius to figure out that with small modifications such a thing could work relatively well - especially if it uses AI keys from compromised targets. Making the agent self-modifiable is relatively straightforward task and in fact I already did that in another project.
In the paper they say that the worm uses either existing vulnerabilities that it has been trained on or new published vulnerabilities that it scrapes. 44% claimed success.
The paper is a bit silent on why a such a worm would need an LLM. It seems that brute forcing all known vulnerabilities, script kiddie style on each new machine is about the same.
But apparently that info is too dangerous to release ...
Of course this is possible, but to use a botnet for intelligence compute is going to be slow. That's one thing we have going for us—it's going to take a long time for this bug to fumble through your network. But rest assured, eventually, it will pwn you.
23 comments
[ 2.1 ms ] story [ 57.0 ms ] threadIt's not fully described how things work exactly, but apparently it does not transfer entire LLMs as part of the worm. Now that would be interesting :)
> The worm parasitically uses compromised machines to run open-weight large language models (LLMs) to sustain its reasoning, or extend its reach for further attacks.
Obvious pattern of using ai to replace human reasoning in a proven methodology of malware distribution, C&C, and network infiltration obviously possible, say researchers.
Researchers use AI to create the torment nexus using commodity hardware, demonstrating the very real threat that AI could enable attackers to create torment nexus nodes using commodity hardware. “It wasn’t even that hard !“ says one researcher. Firmware available to qualified researchers who pinky swear that it will not be leaked.
Researchers set fire to laboratory with gasoline, killing seven volunteer victims, demonstrating that laboratory fires are a real risk and can carry significant consequences, especially when gasoline is involved.
Just because you can, doesn’t mean you should.
This is the same nonsense that lead to article saying researchers had created a wormhole when all they had done was draw one.
I have a microcontroller with an ROM disk (i.e., physically read only). You're telling me that an AI can find a way around the physics of not being able to mutate ROM and exploit it?
The intended purpose is not to be used as a worm but it does not take a genius to figure out that with small modifications such a thing could work relatively well - especially if it uses AI keys from compromised targets. Making the agent self-modifiable is relatively straightforward task and in fact I already did that in another project.
https://github.com/chatbotkit/rook
The paper is a bit silent on why a such a worm would need an LLM. It seems that brute forcing all known vulnerabilities, script kiddie style on each new machine is about the same.
But apparently that info is too dangerous to release ...
is this papernot’s first paper?
https://palisaderesearch.org/blog/self-replication
https://arxiv.org/abs/2605.06760
Come back when it does.