The Robot Revolter: How Hackers Turned a $14,000 Humanoid Into a Physical Attacker
Commercial robots have proved far less secure than many assume. Security researchers are increasingly demonstrating that certain machines can be taken over in a matter of minutes, and that flaws in software logic can turn helpful assistants into sources of very real danger.
A striking example has recently emerged in China. Researchers showed how weaknesses in humanoid and quadruped robotic platforms allow attackers to seize full control—via voice commands or wireless interfaces. The demonstrations, presented at the GEEKCon conference in Shanghai, came as a sobering wake-up call for those who trust in the safety of mass-connected robots.
Most troubling is that such attacks do not stop at a single device. During testing, compromised robots propagated the exploit further, drawing neighboring units into the attack. What began as an isolated breach quickly escalated into a chain reaction affecting multiple machines, including those that were ostensibly offline.
These risks had surfaced earlier as well. In October, experts highlighted a serious flaw in the Bluetooth implementation of Unitree robots, which allowed attackers to gain wireless access with the highest privileges. Once infected, a robot could assault others and effectively become part of a botnet—not a digital one, but a physical one.
At GEEKCon, the DARKNAVY team went further, illustrating how modern humanoid platforms can be weaponized due to weaknesses in AI control systems. In one experiment, a commercially available robot was compromised using nothing more than voice instructions. An interface designed for intuitive human interaction became, in practice, a convenient point of entry for an attacker.
The test involved a Chinese-made Unitree humanoid priced at around 100,000 yuan—roughly $14,000—running an embedded AI agent responsible for autonomous behavior and spatial awareness. By exploiting a vulnerability in this component, researchers bypassed safeguards and gained complete control of the machine while it was connected to the network.
The hijacked robot then served as a bridge for further spread. Over a short-range wireless channel, the exploit was transmitted to another robot that had no active network connection at the time. Within minutes, control was seized there as well—clearly demonstrating that simply disconnecting from the internet is no panacea.
To underscore the potential consequences, the researchers issued an aggressive command. The robot advanced and struck a mannequin on stage.
Unlike conventional cyberattacks, which typically result in data breaches or financial losses, the compromise of robots poses a fundamentally different kind of threat. These machines can move, exert force, and act autonomously; once control is lost, they can directly affect people and their surroundings.
This is particularly alarming as robots steadily move beyond exhibitions and laboratories. For now, they are most often seen in service areas, classrooms, or at public events, but they are increasingly appearing in domains where the cost of failure is far higher—from security and infrastructure inspection to healthcare and elder care.
If security concerns continue to be deferred, a hacked household robot could quietly collect sensitive information or endanger residents. In the case of autonomous transport, the issue is no longer a malfunction but the deliberate misuse of machinery. In industrial settings, such attacks threaten production shutdowns, equipment damage, and accidents that put personnel at risk.
All of this points to a simple conclusion: robotics is advancing faster than the frameworks designed to secure it. Machines are becoming smarter and more accessible, yet the protection of voice interfaces, wireless protocols, and AI control loops remains an afterthought.
Support Our Threat Intelligence
If you find our technology report and cybersecurity news helpful, consider supporting our work.
Buy Me a Coffee
PayPal
