Wednesday, July 8, 2026

AI Under Attack: The Rise of Malevolent ‘Worm’ Threatening the Future of Artificial Intelligence

Date:

In the fast-paced world of technology, advancements are made daily that push the boundaries of innovation. However, with these advancements come new challenges and threats. Today, we are witnessing the emergence of the first virus developed specifically for artificial intelligence. ChatGPT and the poisoning of Google Gemini are just the beginning of what could be a new era of cyber threats targeting AI systems.

What is ChatGPT and how does it work?
ChatGPT is an AI-powered chatbot developed by OpenAI that has gained widespread popularity for its ability to engage in human-like conversations. This advanced AI model is based on the GPT-3 architecture and is designed to understand and generate text based on the context of a conversation. However, what sets ChatGPT apart is its vulnerability to malicious attacks due to its reliance on input from users to learn and improve its responses.

Researchers Create Malicious AI ‘Worm’ Aimed at Generative AI Systems

A team of researchers has made a shocking discovery by creating a harmful artificial intelligence (AI) ‘worm’ that is meant to attack generative AI systems. This new and worrisome invention brings up important issues about how safe and reliable AI technologies are, especially since they are being used more and more in areas like healthcare, finance, and the creative arts.

The first virus for artificial intelligence

A new cybersecurity threat has emerged with the “Morris II” worm, a sophisticated malware that uses popular AI services to spread, infiltrate systems, and steal sensitive data. Named after the disruptive Morris worm of 1988, this development highlights the urgent need to strengthen AI models against such vulnerabilities

Morris II, the inaugural virus designed for artificial intelligences, led to the leakage of personal information and the dissemination of spam emails by AI email assistants in a controlled testing environment.

Researchers have identified a novel “zero-click” AI worm capable of exploiting ChatGPT, Gemini, and the open-source AI model LLaVA through a malicious self-replicating prompt utilizing text and image inputs. 

This worm can propagate its attack across various models by taking advantage of interconnectivity within the AI ecosystem, facilitating phishing attacks, spam email distribution, and the spread of propaganda.

This research seeks to demonstrate that all software, including large language models within GenAI tools, are vulnerable to computer virus threats.

Morris 2, created by Cornell University researchers, Intuit, and Technion, is named after the Morris Worm, one of the earliest self-replicating computer worms, developed by Robert Morris in 1988. 

The Morris Worm was responsible for crashing approximately 10% of the computers connected to the internet at that time.

A new worm uses a tricky self-copying method

This makes it harder to stop and control

Researchers from Cornell Tech, the Israel Institute of Technology, and Intuit developed a novel technique known as an “adversarial self-replicating prompt” to engineer a computer worm. This technique involves inputting a specific prompt into a large language model (LLM), which they evaluated using platforms such as OpenAI’s ChatGPT, Google’s Gemini, and the open-source LLaVA model, a collaborative effort by the University of Wisconsin-Madison, Microsoft Research, and Columbia University. 

The adversarial self-replicating prompt is designed to manipulate the LLM into generating additional prompts autonomously. This manipulation occurs when the initial prompt is processed, leading the model to produce its own set of malicious prompts that it subsequently executes, thereby creating a self-propagating cycle of harmful instructions. 

The mechanism by which this worm operates is akin to well-known cybersecurity vulnerabilities, such as SQL injection and buffer overflow attacks. These methods exploit weaknesses in software systems, allowing the adversarial prompt to infiltrate the model’s operational framework and execute potentially harmful commands without direct human intervention.

The worm possesses two primary functions: 

1. Data theft: This malicious software is capable of siphoning off sensitive personal information from the email accounts of infected systems, such as names, phone numbers, credit card information, and social security numbers. 

2. Spam distribution: The worm can create and dispatch spam and other harmful emails using compromised AI-driven email assistants, facilitating its spread to additional systems.

Compromised artificial intelligence databases

The researchers illustrated the text prompt methodology by composing an email that contained an adversarial text prompt, effectively “poisoning” the AI email assistant’s database through the use of retrieval-augmented generation (RAG). This technique allows the large language model (LLM) to access and utilize external data sources. Upon receiving the email, the RAG forwarded it to the LLM provider, which subsequently generated a response that compromised the AI service, extracted sensitive information from the emails, and propagated the infection to new hosts when the LLM was employed to respond to another client’s email. 

In a separate experiment involving images, the researchers embedded a self-replicating prompt within an image file, which prompted the email assistant to disseminate the message to additional email addresses. This image functioned as both the content—potentially containing spam, scams, propaganda, disinformation, or abusive material—and as the activation mechanism that facilitated the spread of the malicious worm. 

The researchers have indicated that this development signifies a novel category of cybersecurity threat, particularly as AI systems continue to evolve and become more interconnected. The laboratory-engineered malware exemplifies the ongoing vulnerabilities inherent in LLM-based chatbot services, highlighting their susceptibility to exploitation for harmful cyberattacks. OpenAI has recognized this vulnerability and is actively engaged in efforts to enhance the resilience of its systems against such attacks.

Final Note: Finding harmful AI ‘worms’ that attack generative AI shows we need to think about ethics as we develop new tech. As scientists explore AI more, it’s crucial for everyone to stay alert about cybersecurity risks. By controlling the spread of digital and AI tools, we can create a safer future for everyone.

This image has an empty alt attribute; its file name is Cyber-attck-Health-Care-896x1024.png
https://securityintelligence.com/posts/cybersecurity-in-healthcare-onging-crisis/
https://securityintelligence.com/news/rising-threat-cyberattacks-restaurant-industry/

Additional Information:

What Is an AI Worm?

An AI worm is a type of malware that leverages artificial intelligence to enhance its propagation and effectiveness. Capable of self-replicating, it can quickly spread across networks and devices, utilizing AI techniques to evade detection and adapt to security measures.

AI Worms Explained

AI worms are a new type of malware that uses artificial intelligence to spread and steal information. Unlike traditional malware, an AI worm doesn’t rely on code vulnerabilities. Instead, it manipulates AI models to generate seemingly harmless text or images containing malicious code.

The recently developed “Morris II” AI worm works by using adversarial self-replicating prompts. These prompts trick AI systems into generating responses containing the malicious code. When users interact with the infected response, such as replying to an email, their machines become infected.

Key capabilities of AI worms like Morris II include:

  • Data Exfiltration: AI worms can extract sensitive data from infected systems, including names, phone numbers, credit card details, and social security numbers.
  • Spam Propagation: An AI worm can generate and send spam or malicious emails through compromised AI-powered email assistants, helping spread the infection.

While Morris II currently exists only as a research project in controlled environments, it demonstrates potential security risks as AI systems become more interconnected. Researchers warn that developers and companies need to address these vulnerabilities, especially as AI assistants gain more autonomy in performing tasks on users’ behalf.

Characteristics of AI Worms

AI worms are, well, intelligent. They possess abilities to learn from interactions and dynamically adjust strategies to dodge security measures.

Adaptability

AI worms adapt to different environments and security measures. They analyze the security protocols of the systems they encounter and modify their behavior to avoid detection. For instance, if an AI worm encounters a firewall, it may change its communication patterns to mimic legitimate traffic, thus slipping past the firewall undetected.

Learning

AI worms utilize machine learning algorithms to improve their effectiveness. They collect data from their environment and learn which strategies work best for spreading and avoiding detection. For example, an AI worm might analyze failed attempts to penetrate a network and adjust its methods based on what it learns, increasing its success rate over time.

Propagation

AI worms use sophisticated algorithms to identify the most efficient ways to spread. They analyze network structures and pinpoint vulnerabilities to exploit. This might involve using social engineering tactics to trick users into downloading malicious attachments or exploiting known software vulnerabilities to gain access to new systems.

Advanced Evasion

AI worms continuously change their signatures and behaviors to evade detection. Traditional security systems rely on recognizing known malware signatures, but AI worms can generate new signatures on the fly, making them difficult to detect. They might also mimic the behavior of legitimate software processes to blend in with normal network traffic.

Targeted Attacks

AI worms can be programmed to target specific systems or organizations. They gather intelligence on their targets, such as identifying critical infrastructure or high-value data. A targeted approach allows them to cause maximum damage or exfiltrate sensitive information with higher precision.

Automated Exploitation

AI worms automate the process of finding and exploiting vulnerabilities. They scan networks for weak points and deploy exploits faster than human hackers can. This automation allows them to scale their attacks and compromise a large number of systems in a short period.

By leveraging these intrinsic characteristics, AI worms pose a significant threat to cybersecurity. Understanding these traits enables us to develop more effective defenses and mitigate the risks associated with such advanced malware.

Traditional Worms Vs. AI Worms

Traditional worms have been around a long while. As security teams know, they follow predefined rules and patterns, which make them less flexible and easier to detect once their signature is known. An AI worm, however, stands out from traditional worms primarily because they use machine learning algorithms to learn from their environment and adapt their behavior in real time. 

When AI worms encounter new security measures, they adjust their strategies to overcome the obstacles. They also excel in evasion techniques. They continuously change their signatures and behaviors to evade detection. By mimicking legitimate network traffic or software processes, they blend in seamlessly and avoid triggering security alerts. Traditional worms, in contrast, usually have static signatures and behaviors, making them more susceptible to detection by signature-based antivirus programs.

In terms of propagation, AI worms use sophisticated algorithms to identify and exploit the most efficient paths. They employ advanced techniques such as social engineering and network vulnerability scanning to spread quickly and effectively. Traditional worms often rely on simpler methods, such as exploiting well-known vulnerabilities or using predictable spreading mechanisms.

AI worms also exhibit a high degree of targeting precision. They gather intelligence on their targets, enabling them to launch precise attacks on specific systems or organizations. This targeted approach maximizes their impact and effectiveness. Traditional worms generally spread indiscriminately, affecting any vulnerable system they encounter, which can make them easier to detect and contain.

In addition, AI worms automate the process of finding and exploiting vulnerabilities, allowing them to scale their attacks quickly and efficiently. They can multitask and perform complex operations simultaneously. Traditional worms tend to follow a linear, step-by-step approach to propagation and exploitation, limiting their ability to scale and adapt quickly.

Potential Threats

With a capacity to disrupt critical infrastructure, AI worms pose an array of threats with far-reaching implications for cybersecurity and beyond. They can target essential services such as power grids, water treatment facilities, and healthcare systems, for instance. A successful attack on a core infrastructure could endanger lives and cause significant economic damage.

By infiltrating banking networks, AI worms can execute fraudulent transactions, steal sensitive financial data, and even manipulate stock markets. The financial losses from breaches of this nature can destabilize economies.

In terms of corporate espionage, AI worms can infiltrate corporate networks to steal intellectual property, trade secrets, and confidential business strategies. Successful data breaches can give competitors unfair advantages and result in financial losses for the affected organizations.

Similarly, nation-states could deploy AI worms to conduct espionage, steal classified information, or disable defense systems. Such attacks could compromise a country’s defense capabilities and give adversaries critical intelligence, potentially altering the balance of power on a global scale.

The threat extends to personal privacy, as well. AI worms can harvest vast amounts of personal data, including emails, photos, and sensitive documents stored on individual devices. The misuse of this data can lead to identity theft, blackmail, and other malicious activities, causing significant distress and harm to individuals.

In the context of supply chains, AI worms can infiltrate a single supplier’s network and propagate through interconnected systems, leading to production delays, compromised products, and significant financial losses for multiple organizations. The interconnected nature of modern supply chains means that a breach in one part can cascade across the network.

AI worms of course can be weaponized for political purposes. Hacktivist groups or politically motivated attackers might deploy them to disrupt elections, manipulate public opinion, or sabotage government operations. 

Lastly, we can’t dismiss the psychological impact of AI worms. Nearly 2 in 5 cloud security professionals (38%) consider AI-powered attacks a top concern, according to The State of Cloud-Native Security Report 2024. But when asking this same group about AI-powered attacks compromising sensitive data, that number shoots up to 89%, more than doubling. The uncertainty surrounding the capabilities of AI-powered attacks gives many pause. 

Source: Revelation Today

Also Read:

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Related articles

Fireballoons and Bat Bombs: Bizarre WWII Experiments at National Parks

During World War II, some unusual experiments and activities occurred in the United States' National Parks, particularly at...

The corrupt associates of  Mamata Banerjee are being exposed layer by layer

After losing the West Bengal elections, Mamata Banerjee's downfall began. First, Trinamool MLAs rebelled, then several MPs and...

PM Modi’s deal with Indonesia will defeat the dragon

Prime Minister Narendra Modi is on a visit to Indonesia. He signed several major agreements with the Indonesian...

Truecaller,the spam protector,is in trouble!TRAI is considering taking action

There's hardly a smartphone user who doesn't use Truecaller or a similar app to identify calls from unknown...
news-1701

yakinjp

yakinjp

rtp yakinjp

yakinjp

yakinjp

yakin jp

yakinjp id

maujp

maujp

maujp

\

sabung ayam online

sabung ayam online

SLOT MAHJONG

sabung ayam online

invoice 00026

invoice 00027

invoice 00028

invoice 00029

invoice 00030

invoice 00031

invoice 00032

invoice 00033

invoice 00034

invoice 00035

invoice 00036

invoice 00037

invoice 00038

invoice 00039

invoice 00040

invoice 00041

invoice 00042

invoice 00043

invoice 00044

invoice 00045

invoice 00046

invoice 00047

invoice 00048

invoice 00049

invoice 00050

invoice 00051

invoice 00052

invoice 00053

invoice 00054

invoice 00055

article 2000021

article 2000022

article 2000023

article 2000024

article 2000025

article 2000026

article 2000027

article 2000028

article 2000029

article 2000030

article 2000031

article 2000032

article 2000033

article 2000034

article 2000035

article 2000036

article 2000037

article 2000038

article 2000039

article 2000040

article 2000041

article 2000042

article 2000043

article 2000044

article 2000045

article 2000046

article 2000047

article 2000048

article 2000049

article 2000050

article 2000051

article 2000052

article 2000053

article 2000054

article 2000055

article 2000056

article 2000057

article 2000058

article 2000059

article 2000060

article 2000061

article 2000062

article 2000063

article 2000064

article 2000065

article 2000066

article 2000067

article 2000068

article 2000069

article 2000070

article 2000071

article 2000072

article 2000073

article 2000074

article 2000075

article 2000076

article 2000077

article 2000078

article 2000079

article 2000080

pusdataru 00021

pusdataru 00022

pusdataru 00023

pusdataru 00024

pusdataru 00025

pusdataru 00026

pusdataru 00027

pusdataru 00028

pusdataru 00029

pusdataru 00030

pusdataru 00031

pusdataru 00032

pusdataru 00033

pusdataru 00034

pusdataru 00035

pusdataru 00036

pusdataru 00037

pusdataru 00038

pusdataru 00039

pusdataru 00040

pusdataru 00041

pusdataru 00042

pusdataru 00043

pusdataru 00044

pusdataru 00045

pusdataru 00046

pusdataru 00047

pusdataru 00048

pusdataru 00049

pusdataru 00050

pusdataru 00051

pusdataru 00052

pusdataru 00053

pusdataru 00054

pusdataru 00055

pusdataru 00056

pusdataru 00057

pusdataru 00058

pusdataru 00059

pusdataru 00060

article 00000031

article 00000032

article 00000033

article 00000034

article 00000035

article 00000036

article 00000037

article 00000038

article 00000039

article 00000040

article 00000041

article 00000042

article 00000043

article 00000044

article 00000045

article 00000046

article 00000047

article 00000048

article 00000049

article 00000050

article 00000051

article 00000052

article 00000053

article 00000054

article 00000055

article 00000056

article 00000057

article 00000058

article 00000059

article 00000060

article 00000061

article 00000062

article 00000063

article 00000064

article 00000065

article 00000066

article 00000067

article 00000068

article 00000069

article 00000070

article 00000071

article 00000072

article 00000073

article 00000074

article 00000075

article 00000076

article 00000077

article 00000078

article 00000079

article 00000080

pemohonan 000001

pemohonan 000002

pemohonan 000003

pemohonan 000004

pemohonan 000005

pemohonan 000006

pemohonan 000007

pemohonan 000008

pemohonan 000009

pemohonan 000010

pemohonan 000011

pemohonan 000012

pemohonan 000013

pemohonan 000014

pemohonan 000015

pemohonan 000016

pemohonan 000017

pemohonan 000018

pemohonan 000019

pemohonan 000020

pemohonan 000021

pemohonan 000022

pemohonan 000023

pemohonan 000024

pemohonan 000025

pemohonan 000026

pemohonan 000027

pemohonan 000028

pemohonan 000029

pemohonan 000030

artikel 000000081

artikel 000000082

artikel 000000083

artikel 000000084

artikel 000000085

artikel 000000086

artikel 000000087

artikel 000000088

artikel 000000089

artikel 000000090

artikel 000000091

artikel 000000092

artikel 000000093

artikel 000000094

artikel 000000095

artikel 000000096

artikel 000000097

artikel 000000098

artikel 000000099

artikel 000000100

artikel 000000101

artikel 000000102

artikel 000000103

artikel 000000104

artikel 000000105

artikel 000000106

artikel 000000107

artikel 000000108

artikel 000000109

artikel 000000110

artikel 000000111

artikel 000000112

artikel 000000113

artikel 000000114

artikel 000000115

artikel 000000116

artikel 000000117

artikel 000000118

artikel 000000119

artikel 000000120

pengadilan 000061

pengadilan 000062

pengadilan 000063

pengadilan 000064

pengadilan 000065

pengadilan 000066

pengadilan 000067

pengadilan 000068

pengadilan 000069

pengadilan 000070

pengadilan 000071

pengadilan 000072

pengadilan 000073

pengadilan 000074

pengadilan 000075

pengadilan 000076

pengadilan 000077

pengadilan 000078

pengadilan 000079

pengadilan 000080

pengadilan 000081

pengadilan 000082

pengadilan 000083

pengadilan 000084

pengadilan 000085

pengadilan 000086

pengadilan 000087

pengadilan 000088

pengadilan 000089

pengadilan 000090

perkara 0000066

perkara 0000067

perkara 0000068

perkara 0000069

perkara 0000070

perkara 0000071

perkara 0000072

perkara 0000073

perkara 0000074

perkara 0000075

perkara 0000076

perkara 0000077

perkara 0000078

perkara 0000079

perkara 0000080

perkara 0000081

perkara 0000082

perkara 0000083

perkara 0000084

perkara 0000085

perkara 0000086

perkara 0000087

perkara 0000088

perkara 0000089

perkara 0000090

article 0000021

article 0000022

article 0000023

article 0000024

article 0000025

article 0000026

article 0000027

article 0000028

article 0000029

article 0000030

article 0000031

article 0000032

article 0000033

article 0000034

article 0000035

article 0000036

article 0000037

article 0000038

article 0000039

article 0000040

article 0000041

article 0000042

article 0000043

article 0000044

article 0000045

article 0000046

article 0000047

article 0000048

article 0000049

article 0000050

article 0000051

article 0000052

article 0000053

article 0000054

article 0000055

article 0000056

article 0000057

article 0000058

article 0000059

article 0000060

article 0000061

article 0000062

article 0000063

article 0000064

article 0000065

article 0000066

article 0000067

article 0000068

article 0000069

article 0000070

article 3000031

article 3000032

article 3000033

article 3000034

article 3000035

article 3000036

article 3000037

article 3000038

article 3000039

article 3000040

article 3000041

article 3000042

article 3000043

article 3000044

article 3000045

article 3000046

article 3000047

article 3000048

article 3000049

article 3000050

article 3000051

article 3000052

article 3000053

article 3000054

article 3000055

article 3000056

article 3000057

article 3000058

article 3000059

article 3000060

news-1701
content-1701

artikel 0000106

artikel 0000107

artikel 0000108

artikel 0000109

artikel 0000110

artikel 0000111

artikel 0000112

artikel 0000113

artikel 0000114

artikel 0000115

artikel 0000116

artikel 0000117

artikel 0000118

artikel 0000119

artikel 0000120

artikel 0000121

artikel 0000122

artikel 0000123

artikel 0000124

artikel 0000125

artikel 0000126

artikel 0000127

artikel 0000128

artikel 0000129

artikel 0000130

artikel 0000131

artikel 0000132

artikel 0000133

artikel 0000134

artikel 0000135

pengadilan 000086

pengadilan 000087

pengadilan 000088

pengadilan 000089

pengadilan 000090

pengadilan 000091

pengadilan 000092

pengadilan 000093

pengadilan 000094

pengadilan 000095

pengadilan 000096

pengadilan 000097

pengadilan 000098

pengadilan 000099

pengadilan 000100

pengadilan 000101

pengadilan 000102

pengadilan 000103

pengadilan 000104

pengadilan 000105

article 3000061

article 3000062

article 3000063

article 3000064

article 3000065

article 3000066

article 3000067

article 3000068

article 3000069

article 3000070

article 3000071

article 3000072

article 3000073

article 3000074

article 3000075

article 3000076

article 3000077

article 3000078

article 3000079

article 3000080

article 3000081

article 3000082

article 3000083

article 3000084

article 3000085

article 3000086

article 3000087

article 3000088

article 3000089

article 3000090

article 3000091

article 3000092

article 3000093

article 3000094

article 3000095

article 3000096

article 3000097

article 3000098

article 3000099

article 3000100

article 3000101

article 3000102

article 3000103

article 3000104

article 3000105

article 3000106

article 3000107

article 3000108

article 3000109

article 3000110

article 3000111

article 3000112

article 3000113

article 3000114

article 3000115

article 3000116

article 3000117

article 3000118

article 3000119

article 3000120

article 2000081

article 2000082

article 2000083

article 2000084

article 2000085

article 2000086

article 2000087

article 2000088

article 2000089

article 2000090

article 2000091

article 2000092

article 2000093

article 2000094

article 2000095

article 2000096

article 2000097

article 2000098

article 2000099

article 2000100

article 2000101

article 2000102

article 2000103

article 2000104

article 2000105

article 2000106

article 2000107

article 2000108

article 2000109

article 2000110

invoice 00055

invoice 00056

invoice 00057

invoice 00058

invoice 00059

invoice 00060

invoice 00061

invoice 00062

invoice 00063

invoice 00064

invoice 00065

invoice 00066

invoice 00067

invoice 00068

invoice 00069

invoice 00070

invoice 00071

invoice 00072

invoice 00073

invoice 00074

invoice 00075

invoice 00076

invoice 00077

invoice 00078

invoice 00079

invoice 00080

invoice 00081

invoice 00082

invoice 00083

invoice 00084

invoice 00085

invoice 00086

article 238000401

article 238000402

article 238000403

article 238000404

article 238000405

article 238000406

article 238000407

article 238000408

article 238000409

article 238000410

article 238000411

article 238000412

article 238000413

article 238000414

article 238000415

article 238000416

article 238000417

article 238000418

article 238000419

article 238000420

article 238000421

article 238000422

article 238000423

article 238000424

article 238000425

article 238000426

article 238000427

article 238000428

article 238000429

article 238000430

article 238000431

article 238000432

article 238000433

article 238000434

article 238000435

article 238000436

article 238000437

article 238000438

article 238000439

article 238000440

article 238000441

article 238000442

article 238000443

article 238000444

article 238000445

article 238000446

article 238000447

article 238000448

article 238000449

article 238000450

article 238000451

article 238000452

article 238000453

article 238000454

article 238000455

article 238000456

article 238000457

article 238000458

article 238000459

article 238000460

artikel 0000136

artikel 0000137

artikel 0000138

artikel 0000139

artikel 0000140

artikel 0000141

artikel 0000142

artikel 0000143

artikel 0000144

artikel 0000145

artikel 000000121

artikel 000000122

artikel 000000123

artikel 000000124

artikel 000000125

artikel 000000126

artikel 000000127

artikel 000000128

artikel 000000129

artikel 000000130

artikel 000000131

artikel 000000132

artikel 000000133

artikel 000000134

artikel 000000135

artikel 000000136

artikel 000000137

artikel 000000138

artikel 000000139

artikel 000000140

artikel 000000141

artikel 000000142

artikel 000000143

artikel 000000144

artikel 000000145

artikel 000000146

artikel 000000147

artikel 000000148

artikel 000000149

artikel 000000150

article 0000091

article 0000092

article 0000093

article 0000094

article 0000095

article 0000096

article 0000097

article 0000098

article 0000099

article 0000100

article 0000101

article 0000102

article 0000103

article 0000104

article 0000105

article 0000106

article 0000107

article 0000108

article 0000109

article 0000110

article 0000111

article 0000112

article 0000113

article 0000114

article 0000115

article 0000116

article 0000117

article 0000118

article 0000119

article 0000120

content-1701