AI can act as an infinite mutation engine that creates a thousand different versions of the same virus to hide from security.
LLMs generate structurally diverse malware payloads that perform the same harmful task in endless unique ways. When prompted to avoid its own previous designs, the AI creates even more complex and varied code. This behavior makes traditional signature-based antivirus software effectively obsolete, as no two attacks look the same. The speed and variety of these mutations allow malware to bypass even the most advanced security screens. We are entering an era where cyber defense must focus on the behavior of an attack rather than the identity of the code.
The Infinite Mutation Engine? Measuring Polymorphism in LLM-Generated Offensive Code
arXiv · 2605.03619
Malware authors have traditionally relied on polymorphic techniques to produce variants in the same malware family, complicating signature-based detection. Integrating generative AI into offensive toolchains enables attackers to synthesize structurally diverse payloads with identical behavior, raising the question of how much polymorphism LLMs provide. Recent work has assumed that LLMs can produce sufficiently polymorphic payloads, leaving unquantified the variation that emerges when an attacker