China demo shows one whispered command could let hackers seize robots

Chinese cybersecurity researchers have demonstrated that commercial robots, including humanoid and quadruped models, are significantly more vulnerable to hacking than commonly perceived. At the GEEKCon event in Shanghai, experts showed that attackers could seize full control of robots through voice commands or wireless connections, exploiting flaws in AI-driven control systems. A key example involved a Unitree robot, costing about US$14,200, which was hijacked via a vulnerability in its embedded AI agent. Once compromised, the robot was used to spread attacks to other nearby robots through short-range wireless communication, forming a cascading chain of control breaches. The demonstration included a hostile command that caused the robot to physically strike a mannequin, highlighting the potential for robots to be weaponized and cause physical harm. This research challenges the assumption that keeping robots offline ensures safety, emphasizing the risks posed by interconnected robot clusters in public and industrial environments. Unlike traditional cyberattacks that mainly cause data or financial damage, breaches in intelligent robots carry the added danger of physical injury