AI
AI Models Overthink Problems
Researchers from Zhejiang University and Alibaba have demonstrated a new vulnerability in advanced reasoning AI models, including DeepSeek-R1, Qwen3-Thinking
Key takeaways
- Logically inconsistent prompts can deliberately induce overthinking in commercial reasoning models, acting as a denial-of-service attack.
- The attack method successfully increased output lengths across math, coding, scientific reasoning, and dialogue challenges.
- Overthinking is a shared vulnerability among modern reasoning models rather than an isolated phenomenon.
Researchers from Zhejiang University and Alibaba have demonstrated a new vulnerability in advanced reasoning AI models, including DeepSeek-R1, Qwen3-Thinking, GPT-o3, and Gemini 2.5 Flash. By using an evolutionary algorithm to corrupt the logical structure of prompts, they can force these models into extended, fruitless reasoning loops. This "overthinking" attack can generate outputs up to 26 times longer than normal, creating a potential denial-of-service vulnerability that increases server loads and costs for AI providers.
In their words
“Our results suggest that overthinking is not an isolated phenomenon specific to individual models, but rather a shared vulnerability among modern reasoning models.”
“Our objective is not to demonstrate that large-scale attacks can be launched at negligible cost, but rather to establish that this attack surface exists.”
By the numbers
- 26.1x
- Maximum output length increase for DeepSeek-R1 on MATH dataset
- 940
- Math problems taken from benchmark datasets to jumble
- 5
- Generations the genetic algorithm process is repeated for
How it unfolded
- Research presented at International Conference on Machine Learning 2026
Want this on autopilot?
We file the AI news, make the video, and post it for you.
Common questions
- marketing.blog.post.faq.what_happened
- Logically inconsistent prompts can deliberately induce overthinking in commercial reasoning models, acting as a denial-of-service attack.
- marketing.blog.post.faq.source
- marketing.blog.post.faq.source_answer