New Threats Emerge as Hackers Learn to Use AI Against Your Devices and Services

Researchers studying cybersecurity have found that hackers are now using artificial intelligence in two new ways: to make traditional malware smarter and to attack AI systems themselves. Both developments mark a significant shift in how computer attacks work.

Smarter Malware on Regular Networks

For decades, viruses and worms have spread across computers and networks by following the same basic pattern every time. Now, hackers are teaching malware to think and adapt. These AI-powered attacks can observe how your security tools work, then change their approach to avoid being caught—much like how a burglar might learn which houses have alarms and adjust their methods accordingly.

A specific example emerged in early 2024. Researchers at Akamai discovered a worm called NoaBot that had been quietly infecting Linux computers (a type of operating system) since at least January 2023. Built on older malware code, NoaBot not only steals computing power to mine cryptocurrency, but it also works hard to hide its tracks. Where older worms could be detected by looking for specific signatures—like how you'd spot a forgery by checking an artist's actual signature—this new worm changes itself to stay hidden.

The key difference is that instead of following a single attack plan, AI-enhanced malware watches how defenses react and adjusts on the fly. This makes the traditional approach of detecting malware based on its fingerprint less effective.

Attacks Targeting AI Systems Directly

In parallel, security researchers have discovered something new: AI systems themselves can be attacked and infected, much like computers get viruses. In controlled laboratory tests, researchers created an "AI worm" that could spread between artificial intelligence systems—specifically, AI email assistants.

Here's how it works. These AI systems are designed to read what you type and respond helpfully. But researchers found they could slip hidden instructions into normal-looking requests. When the AI processes these requests, it can be tricked into spreading the attack to other AI systems or leaking your private information to attackers. Tests showed these attacks could compromise both ChatGPT and Gemini, two widely used AI systems. IBM researchers have also developed similar attacks in laboratories.

The important thing to know: these AI worms have only been created in laboratory settings so far. They have not attacked real systems in the wild. This gives organizations a window of time to prepare defenses before this becomes a real threat.

Why AI Systems Are Vulnerable

The reason AI systems are vulnerable to this kind of attack comes down to their design. These systems are built to accept any text you type and generate a reasonable response. An attacker can craft inputs that look normal at first glance but contain hidden commands—a technique called prompt injection.

Think of it like leaving instructions written in invisible ink inside a normal letter. The person reading it follows the visible instructions on the surface, but the hidden message gets through and causes them to do something unexpected.

When multiple AI systems are connected—sharing information or chained together to handle complex tasks—an attack can hop from one to another automatically. This is particularly risky in companies that deploy AI assistants to handle email, process documents, or answer customer questions. Each connection point is a potential entry for an attack.

We have seen patterns like this before with new technology. When personal computers first arrived, computer viruses appeared. When the internet connected those computers, worms spread across networks. When smartphones came along, mobile malware followed. Each time a new technology becomes widespread, attackers find new ways to exploit it. AI systems are now following the same pattern.

What makes AI vulnerabilities different is that traditional malware usually exploits a mistake in the code—a technical glitch that can be fixed with an update. AI systems are vulnerable because of how they're fundamentally designed to work: they interpret and respond to human language. This vulnerability is harder to eliminate without making the system less useful.

How Organizations Can Protect Themselves

Companies facing these threats have several options. Against AI-powered traditional malware, they can use monitoring tools that watch for changing attack behavior rather than looking for known malware signatures. These tools watch what software is doing, not what it looks like.

Against attacks on AI systems, companies should limit what those systems can do. They can check both the inputs going in and the outputs coming out. They can isolate AI systems from each other so an attack can't spread automatically. Model providers—the companies that build AI systems—are working on better ways to detect and block these hidden-instruction attacks.

Looking at what we know now, the emergence of smarter malware and AI-targeted attacks reflects the simple fact that artificial intelligence is no longer an experimental technology. It has become part of the infrastructure that companies rely on. Security teams now need to protect AI systems the same way they protect regular networks, which is a new skill for most organizations.

As AI becomes more central to how companies operate, the way we think about computer security needs to change too. Teams that protect company computers and networks will need to learn not just traditional cybersecurity, but also how AI systems can be attacked and defended—a combination of skills that not many people have yet.