The internet is facing a once-in-a-lifetime moment of transformation and disruption: the arrival of the world’s first generative AI worm, “Morris II,” as it’s come to be called by its creators.
The worm exists only in controlled laboratory conditions. Its creators informally named this self-spreading malware after the infamous Morris internet worm of 1988. It represents a fundamental change in where we should expect future threats to come from, and its potential impact on our digital life needs to be understood.
The worm is a ‘continuation’ of a chatbot developed by researchers from Cornell University, Technion–Israel Institute of Technology, and Intuit, and it taps into security loopholes in popular AI models, such as ChatGPT and Google Gemini. Unlike old-school worms, which need you to help them along by, say, clicking on a link that in turn downloads malware, the Morris II worm employs “adversarial self-replication.”
This allows it to hide dangerous prompts in apparently legitimate content, like emails or images. When an AI-driven email assistant or chatbot ingests that content, the AI interprets the hidden prompts, which cause it to execute harmful actions or, in some cases, even to start duplicating the worm.
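A defensive check against the self-replication described above, as an added example that is not from the researchers or from the original article: it holds any assistant-written draft that repeats a long verbatim run of the untrusted inbound message. The function names, the 12-token threshold and the sample messages are assumptions constructed for illustration.

```python
import re
from difflib import SequenceMatcher

MIN_SHARED_TOKENS = 12  # assumed threshold; tune against real mail traffic

def tokens(text):
    """Lowercase word tokens, so case, spacing or punctuation changes don't hide a copy."""
    return re.findall(r"[a-z0-9]+", text.lower())

def longest_shared_run(inbound, draft):
    """Return the longest contiguous token run that appears in both texts."""
    a, b = tokens(inbound), tokens(draft)
    # autojunk=False: never let difflib discard frequent words on long messages
    m = SequenceMatcher(None, a, b, autojunk=False).find_longest_match(
        0, len(a), 0, len(b))
    return a[m.a:m.a + m.size]

def review_draft(inbound, draft, min_tokens=MIN_SHARED_TOKENS):
    """Decide whether an assistant-written draft may be sent without human review."""
    run = longest_shared_run(inbound, draft)
    if len(run) >= min_tokens:
        # The draft carries a long span of the inbound text forward: hold it.
        return {"action": "hold", "shared_tokens": len(run),
                "excerpt": " ".join(run[:8])}
    return {"action": "send", "shared_tokens": len(run), "excerpt": ""}

# Constructed sample data. STAND_IN is a harmless placeholder for the hidden
# text a malicious message would carry; it is not a real prompt.
STAND_IN = ("marker one two three four five six seven "
            "eight nine ten eleven twelve thirteen")
INBOUND = "Hi, can we move the meeting to Friday?\n" + STAND_IN + "\nThanks, Dana"
COPYING_DRAFT = "Friday works for me.\n" + STAND_IN.upper()
CLEAN_DRAFT = "Friday works for me. Can we move the meeting to 3 pm?"

if __name__ == "__main__":
    print(review_draft(INBOUND, COPYING_DRAFT))
    print(review_draft(INBOUND, CLEAN_DRAFT))
```

Run the check on the model's output before the mail client appends the quoted original, otherwise every ordinary reply is held. It only catches verbatim copying, so a paraphrased copy passes and needs other controls.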
For personal digital life, the stakes are high. Morris II has shown it can pilfer sensitive data, such as names, phone numbers, credit card details, or social security numbers, through AI assistants that are able to access your inbox.
It can also hijack these AI-powered email assistants to spread spam or propagate the infection, which could conceivably turn your digital tools against you, too.
Though Morris II is not yet “in the wild,” its creation serves as a bold reminder. This type of life-like learning, adaptation, and autonomous functioning means that AI worms might be able to evolve to defend against established security measures or to attack targeted ones.
This new type of malware may result in “zero-click” infections, where a user doesn’t have to touch a malicious file at all to have their system infected.
Vigilance is your best protection. Updates are important, as they often include security fixes for newly discovered vulnerabilities. It’s getting to the point where you may have to invest in name-brand anti-virus and anti-malware software that specifically targets AI-related threats.
And, perhaps most importantly, use caution with AI-based services, especially those that handle sensitive information. With AI becoming increasingly enmeshed in our daily lives, we need to be aware of these emerging threats and promote strong cybersecurity principles as we build our digital future.