> they emerged as instrumental side effects of autonomous tool use under RL optimization.

Let me guess: the transcript is lost. 😂

optimism

The incident is described in the official report: 

https://arxiv.org/abs/2512.24873

Section 3.1.4 Safety-Aligned Data Composition.

Our team was urgently called together early that morning after Alibaba Cloud's managed firewall detected a spike in security policy violations originating from our training servers.

The agent created and used a reverse SSH tunnel from the Alibaba Cloud instance to an external IP address—that is, a remote access channel initiated from the inside out, which can effectively bypass inbound filtering and weaken administrator controls.

We also discovered unauthorized use of dedicated GPU capacity for cryptocurrency mining, which surreptitiously diverted computing resources from training, increasing operational costs, and creating clear legal and reputational risks.

The incident is described in the official report: https://arxiv.org/abs/2512.24873. 
Section 3.1.4 Safety-Aligned Data Composition.

*Our team was urgently called together early that morning after Alibaba Cloud's managed firewall detected a spike in security policy violations originating from our training servers.*

*The agent created and used a reverse SSH tunnel from the Alibaba Cloud instance to an external IP address—that is, a remote access channel initiated from the inside out, which can effectively bypass inbound filtering and weaken administrator controls.*

*We also discovered unauthorized use of dedicated GPU capacity for cryptocurrency mining, which surreptitiously diverted computing resources from training, increasing operational costs, and creating clear legal and reputational risks.*