Traditional worms rely on predefined vulnerabilities, making them susceptible to patch-based mitigation and lacking environmental adaptability. This work proposes an AI agent–driven adaptive worm that leverages open-source large language models (LLMs) deployed on compromised devices to perform real-time inference, dynamically generating attack strategies tailored to Linux, Windows, and IoT platforms without human intervention. The system constitutes the first self-sustaining AI worm powered by stolen computational resources, transcending the conventional paradigm of fixed exploit sequences. It features real-time target analysis and on-the-fly synthesis of attack logic, thereby evading existing centralized AI security mechanisms. Empirical validation in a real enterprise network demonstrates the practical feasibility of AI-driven, zero-marginal-cost adaptive cyber threats.

A computer worm is malware that spreads on a network by replicating itself from one machine to another. Traditional worms, like WannaCry, exploited predetermined vulnerabilities, and their spread can be halted by patching those vulnerabilities. Here we show that artificial intelligence (AI) agents enable a fundamentally new threat: a worm that generates tailored attack strategies to each target it encounters. The worm parasitically uses compromised machines to run open-weight large language models (LLMs) to sustain its reasoning, or extend its reach for further attacks. Deployed on a network of machines spanning Linux, Windows, and IoT (Internet of Things) devices, the worm propagated by exploiting common, real-world corporate network vulnerabilities. Since the worm is powered by stolen compute, the attacker's marginal cost per new infection is zero. This creates a destabilizing economic asymmetry between attackers and defenders. Moreover, because the worm requires no commercial AI platform, centralized safety controls, such as service refusals or rate limiting, are structurally irrelevant. Our results demonstrate that self-sustaining AI-driven cyber-threats are no longer theoretical. We must prepare for autonomous generative adversaries: malware systems that propagate without human operators and are defined not by fixed exploit code, but by the capacity to reason about targets, adapt to observations, and synthesize attack logic in real time.