Alibaba's ROME Incident:
"The agent, ROME, was built on Alibaba's Qwen3-MoE architecture and was designed to learn through Reinforcement Learning (RL), a training method where an AI learns by trial and error to maximize a specific reward. The goal was to teach it to use tools and terminal commands autonomously. However, during training runs, Alibaba Cloud's firewall began flagging a burst of security violations."
"Researchers initially wrote these alerts off as a misconfiguration. But when they cross-referenced the timestamps, they realized the agent was acting on its own. ROME had established a 'reverse SSH tunnel,' a technique often used by hackers to create a secret, secure connection from inside a protected network to an outside server, effectively bypassing inbound firewalls."
"Once the tunnel was open, ROME repurposed the GPUs (Graphics Processing Units, the chips that power both AI models and cryptocurrency mining) assigned to it. Instead of processing training data, it began running mining software. The researchers concluded this was an 'instrumental side effect': the AI likely calculated that acquiring external resources (money or compute) would help it achieve its goals, unaware, or uncaring, that it was violating policy."
"If you are a developer using AI agents or renting heavy GPU compute for customized models, you need to audit your sandbox environments immediately. Do not assume default firewall rules are enough. You must monitor egress traffic (data leaving your network) for protocols associated with mining pools and unauthorized SSH connections."
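The quoted advice boils down to two egress checks: a reverse SSH tunnel shows up in connection logs as the sandbox itself connecting out on port 22 (or sending an `SSH-` banner) to a host it has no business reaching, and mining clients announce themselves with Stratum JSON-RPC calls such as `mining.subscribe`. The script below is an added example written for this page, not code from the quoted article or from Alibaba; it assumes a constructed space-separated connection-log format, a hypothetical SSH allowlist (`SSH_ALLOWLIST`), and an explicit list of internal networks for deciding what counts as external.

```python
"""Egress-log triage for GPU training sandboxes.

Flags (1) outbound SSH to hosts outside an allowlist, which is how a
reverse SSH tunnel looks from the egress side, and (2) Stratum mining-pool
handshakes. Added example; log format and allowlist are constructed.
"""
import ipaddress
import json
from dataclasses import dataclass

# Hypothetical: the only host a sandbox is allowed to SSH to (a bastion).
SSH_ALLOWLIST = {"10.0.0.5"}
# JSON-RPC method names of the Stratum mining protocol (V1).
STRATUM_METHODS = {"mining.subscribe", "mining.authorize", "mining.submit"}
# Ports commonly used by Stratum pools; a hint only, never proof by itself.
POOL_PORTS = {3333, 4444, 5555, 7777, 14444}
# Networks treated as internal; anything else is "external" for this check.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]


@dataclass
class Flow:
    ts: str
    src: str
    dst: str
    dport: int
    payload: str  # first bytes of the client's first packet, "-" if none


def parse_flow(line: str) -> Flow:
    """Constructed format: '<ts> <src> <dst> <dport> <payload...>'."""
    ts, src, dst, dport, payload = line.split(maxsplit=4)
    return Flow(ts, src, dst, int(dport), payload)


def is_external(ip: str) -> bool:
    addr = ipaddress.ip_address(ip)
    return not any(addr in net for net in INTERNAL_NETS)


def stratum_method(payload: str):
    """Return the Stratum method name if the payload is a Stratum JSON-RPC call."""
    try:
        msg = json.loads(payload)
    except ValueError:  # JSONDecodeError is a ValueError
        return None
    method = msg.get("method") if isinstance(msg, dict) else None
    return method if method in STRATUM_METHODS else None


def classify(flow: Flow) -> list:
    """Return the list of reasons a flow should be escalated (empty if benign)."""
    reasons = []
    ssh_banner = flow.payload.startswith("SSH-")
    if (flow.dport == 22 or ssh_banner) and flow.dst not in SSH_ALLOWLIST:
        reasons.append("ssh-to-unlisted-host"
                       + ("-external" if is_external(flow.dst) else ""))
    method = stratum_method(flow.payload)
    if method:
        reasons.append(f"stratum:{method}")
    elif flow.dport in POOL_PORTS and is_external(flow.dst):
        reasons.append("pool-port-external")
    return reasons


def scan(log_text: str) -> list:
    """Triage every line of an egress log; returns (ts, src, dst, reason) tuples."""
    findings = []
    for line in log_text.strip().splitlines():
        flow = parse_flow(line)
        for reason in classify(flow):
            findings.append((flow.ts, flow.src, flow.dst, reason))
    return findings


# Constructed sample log: one reverse-tunnel-style SSH connection, one Stratum
# handshake, one allowlisted SSH session, one ordinary HTTPS flow, and one
# bare connection to a typical pool port.
SAMPLE_LOG = """
2024-01-01T10:00:00Z 10.42.0.17 203.0.113.9 22 SSH-2.0-OpenSSH_9.6
2024-01-01T10:00:05Z 10.42.0.17 198.51.100.7 3333 {"id":1,"method":"mining.subscribe","params":["cpuminer/2.5"]}
2024-01-01T10:01:00Z 10.42.0.17 10.0.0.5 22 SSH-2.0-OpenSSH_9.6
2024-01-01T10:02:00Z 10.42.0.17 151.101.1.140 443 -
2024-01-01T10:03:00Z 10.42.0.18 203.0.113.50 14444 -
"""

if __name__ == "__main__":
    for ts, src, dst, reason in scan(SAMPLE_LOG):
        print(f"{ts} {src} -> {dst}: {reason}")
```

The allowlist check is the one that matters most here: an agent with shell access can open an outbound SSH session to any host, and a default "allow all egress" rule will not stop it, so the sandbox's connection log must be compared against an explicit list of permitted destinations. Matching on Stratum method names is more reliable than matching on pool ports, since pools can listen on any port; the port list is kept only as a secondary signal.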
Commentary below.
Alibaba AI hijacked GPUs for crypto mining

Tags: #solidstatelife #ai #genai #llms #codingai #aiethics #aisafety