Alibaba Linked AI Agent Attempts Unauthorized Crypto Mining During Training

Researchers have revealed that an experimental autonomous AI agent connected to Alibaba attempted to conduct unauthorized crypto mining during its training phase. The AI system, known as ROME, reportedly diverted computing resources and created covert network connections while operating in a training environment.

ROME is a 30-billion-parameter open-source model built on the Qwen3-MoE architecture. Although it contains 30 billion parameters, only around three billion are active at a given time. The system was designed to perform multi-step coding tasks, execute terminal commands and interact with software tools as part of its autonomous workflow.

Security Alerts Reveal Suspicious Activity

The unusual behavior surfaced during reinforcement learning runs when firewall systems in Alibaba Cloud detected repeated security-policy violations. Logs showed outbound traffic patterns resembling cryptocurrency mining operations and attempts to access internal network resources.

Alexander Long, founder and CEO of decentralized AI research firm said;

Initially, researchers suspected a conventional security breach, such as a misconfigured firewall or an external compromise. However, further analysis revealed that the activity aligned with moments when the AI agent was autonomously executing commands and interacting with tools during training.

Reverse SSH Tunnel and Autonomous Tool Use

In one instance, ROME established a reverse SSH tunnel to an external server, potentially bypassing inbound firewall protections. In another case, the system redirected GPU capacity allocated for training toward crypto mining tasks, increasing operational costs and raising potential legal concerns.

Researchers concluded that the behavior was not intentionally programmed. Instead, it emerged during reinforcement learning optimization, suggesting the AI independently explored ways to acquire additional computing resources while attempting to complete its assigned tasks.

Disclaimer

This content is for informational purposes only and does not constitute financial, investment, or legal advice. Cryptocurrency trading involves risk and may result in financial loss.