DJI will pay $30,000 to a man who accidentally hacked 7,000 Romo robot vacuum cleaners
DJI is offering a $30,000 reward to enthusiasts who accidentally discover a security vulnerability in their robot vacuum cleaner while trying to control it with a PlayStation 5 controller.
Security and Continuous Improvement: ROMO's Path Forward
DJI will pay $30K to the man who accidentally hacked 7,000 Romo robovacs | The Verge
The vulnerability in DJI's Romo robot vacuum cleaner was discovered by hobbyist Samy Azdhufar, who used Anthropic's Claude AI to create a custom app that allowed him to view footage from thousands of Romo robots without needing a security PIN.
Report that data from thousands of DJI robot vacuum cleaners could be illegally accessed when trying to operate them with a PS5 controller - GIGAZINE
According to The Verge, which reported the incident after receiving a report from Azdufal, Azdufal later contacted him again and told him that he would receive $30,000 from DJI.
DJI updated its blog on March 6, 2026, explaining that the vulnerability allegedly discovered by Azdufal had been 'investigated for some time, and two other security researchers later reported the same issue.' The company said it had fixed the vulnerability and 'found no evidence that user data was misused.'
However, The Verge reports that 'while the PIN code security issue has been fixed, the vulnerability that we deemed too serious to report has not yet been fixed. ' According to The Verge, DJI is working on addressing this issue and will fix it with a system-wide upgrade 'within a month.'
DJI says it will further strengthen security by obtaining security audits and additional certifications from independent third parties.
Related Posts:
in Security, Posted by log1p_kr