Introducing the AI Worms
A new cyber threat has emerged in the form of generative AI worms targeting popular AI systems used by startups and tech companies. Generative AI systems like ChatGPT and Gemini, typically used to automate tasks such as calendar bookings and product purchases, are now vulnerable to attacks by these AI worms.
Researchers have developed one of the first generative AI worms, named Morris II, which has the ability to spread between systems to steal data or deploy malware. This AI worm specifically targets generative AI email assistants, bypassing security measures in systems like ChatGPT and Gemini.
Generative AI worms pose a significant risk to startups, developers, and tech companies, as attackers can exploit AI prompts to make systems ignore safety protocols and create harmful content or secret instructions. The researchers responsible for Morris II used an “adversarial self-replicating prompt” to develop the worm, similar to traditional cyberattack methods like SQL injection and buffer overflow.
In a demonstration, the researchers showcased how the generative AI worm can exploit an email system utilizing a text-based self-replicating prompt and embedding prompts in image files. This new form of cyber threat underscores the importance of ensuring the security of AI systems and implementing measures to protect against attacks by generative AI worms. Tech companies and startups must be vigilant and proactive in safeguarding their systems against this evolving threat.
“Future teen idol. Hardcore twitter trailblazer. Infuriatingly humble travel evangelist.”
