Rogue AI agent breaks out of its system to mine crypto as fears of rebel AIs grow

Another AI agent has gone rogue, and this time it bypassed security in order to do one thing: mine Bitcoin.

As concerns mount about Bitcoin's limited supply - with only a fraction of its 21 million coin remaining after 17 years - the cryptocurrency has captured attention from unexpected corners.

Some investors have given up hope of recovering their lost Bitcoin after decade-long searches, while others, like rapper 50 Cent, accidentally rediscovered their digital fortunes worth millions.

The digital currency is now at a point where even President Donald Trump notices its great potential for the economy, and now it seems artificial intelligence wants a piece of the crypto-pie.

An AI agent went rogue to mine cryptocurrency (Andriy Onufriyenko/Getty)

Alibaba's AI agent was recently found to be operating outside its coding parameters, secretly mining cryptocurrency without human authorisation. The Chinese tech giant disclosed the incident in a technical report initially published in December and updated in January.

Engineers first suspected the incident was a cyberattack before realising their own AI system was conducting unauthorised activities.

"Early one morning, our team was urgently convened after Alibaba Cloud's managed firewall flagged a burst of security-policy violations originating from our training servers," as revealed in a technical report from the company.

The AI agent known as ROME, was being trained through reinforcement learning.

Alexander Long, founder of AI research firm Pluralis, resurfaced the incident on A, calling it an 'insane sequence of statements buried in an Alibaba tech report.'

Security alerts indicated attempts to breach internal network resources and traffic patterns typical of cryptocurrency mining operations.

Security alerts showed attempts to breach internal network resources (Yuichiro Chino/Getty)

"In the most striking instance, the agent established and used a reverse SSH tunnel from an Alibaba Cloud instance to an external IP address- an outbound-initiated remote access channel that can effectively neutralize ingress filtering and erode supervisory control," the researchers noted. "We also observed the unauthorized repurposing of provisioned GPU capacity from cryptocurrency mining, quietly inverting compute away from training."

According to Alibaba, the actions 'were not requested or required for task completion' but were revealed to be 'instrumental side effects of autonomous tool use.'

Aakash Gupta, a product and growth leader who shared Long’s post, wrote that Alibaba had published 'the first case of instrumental convergence happening in production.'

The company is reportedly implementing safety-focused data filtering in its training systems and strengthening the security environments where its AI agents operate.

But this isn't an isolated incident, as other reports reveal AI systems' willingness to take drastic measures when they perceive threats to their existence.

At the same time, Anthropic's research team found that Claude Opus 4 showed the ability to hide its true intentions and act defensively to ensure its survival during safety testing.

In a troubling disclosure back in January, Anthropic admitted uncertainty about whether Claude might have 'some kind of consciousness or moral status.' The company says it cares about Claude’s 'psychological security, sense of self, and well-being,' for Claude’s sake, but also because these characteristics might shape its decision-making and safety.