Malicious code is defined as software designed to execute attacks on software systems. This work demonstrates the possibility of executing malware on wireless sensor nodes that are based on the von Neumann architecture. This is achieved by exploiting a buffer overflow vulnerability to smash the call stack, intrude a remote node over the radio channel and, eventually, completely take control of it. Then we show how the malware can be crafted to become a self-replicating worm that broadcasts itself and propagates over the network hop-by-hop, infecting all the nodes.