Researcher who found McDonald's free-food hack turns her attention to Chinese restaurant robots

A researcher caught the world’s leading supplier of commercial service robots using shoddy admin security that let attackers redirect the delivery machines to anywhere and make them follow any command. Pudu Robotics is a Chinese robot manufacturer with over 100,000 units in over 1,000 cities doing everything from serving meals …

  1. Doctor Syntax Silver badge

    "Crims could also make FlashBot foul office systems up or steal intellectual property."

    Why do something boring like that when you could set the robots up to have a food fight?

    1. Anonymous Coward
      Anonymous Coward

      food fight

      Yay - The Phantom Flan Flinger returns (for UK folks of a certain vintage and ilk)

      1. yoganmahew

        Re: food fight

        Versus the Dreaded Batter Pudding Hurler (of Bexhill-on-Sea)!

        1. The Dogs Meevonks Silver badge

          Re: food fight

          Not forgetting for those younger people... the milkshake mugger (racist fascists can fuck off) and the US has even got involved with their very own sandwich slinger.

        2. Chloe Cresswell Silver badge

          Re: food fight

          "Who would be up here with a gas oven?"

          "Lady Docker?"

          "yes, well apart from the obvious..."

          1. yoganmahew

            Re: food fight

            So many good lines :D

      2. Ivan Headache

        Re: food fight

        In this day and age it would be the phantom quiche flinger.

        1. Doctor Syntax Silver badge

          Re: food fight

          The quiche of death.

  2. Gene Cash Silver badge

    > By August 21, she'd been reduced to emailing over 50 company staffers to try and get someone to take notice

    Surely there's a point at which you stop bothering and just let nature take its course?

    1. The Dogs Meevonks Silver badge

      You notify them, you give them adequate time to fix the flaw and if they refuse to even acknowledge you or that the problem exists (as many companies choose to do because they have no one in their ranks who understands the importance of security)... that's when you go public. You tried, you met a brick wall... you expose poor security practices and standards that can harm customers of ignorant businesses.

  3. Anonymous Coward
    Anonymous Coward

    A grain of sand in the RotM?

    That all probably explains the PUDU D9 that's currently described as a "Bipped Halumanoid Robot" (inspiring great confidence).

    I guess it used to be a Bipedal Humanoid Robot until someone remotely cyberhacked its syntactical "breaks" ... whence, post rear-endage, the extra "p" arose from tensile stresses as they pulled the "biped" back out, just before the "al" broke off! ;)

    1. Neil Barnes Silver badge
      Coat

      Re: A grain of sand in the RotM?

      Nothing wrong with a robot made of cheese! Right, Gromit?

      1. Anonymous Coward
        Anonymous Coward

        Re: A grain of sand in the RotM?

        Ahhhh, the Unstoppable Cypriot White Gold of Robots, the Terminator of Cheese, with its unique "ability to stay intact while fried or grilled instead of melting into a gloop"!

        No wonder "some other countries [are] trying to market their own versions" of this cybernetic grand fromage's squeaky yumminess ... albeit in misspelled grey plastic! ;)

        1. PB90210 Silver badge

          Re: A grain of sand in the RotM?

          Not plastic... more like those hard erasers that you used to be able to buy that claimed to erase biro ink but just wore holes in the paper

  4. Pascal Monett Silver badge

    Pudu ?

    More like Poodoo.

    1. Jonathan Richards 1 Silver badge

      Re: Pudu ?

      If I'm not wrong, Pûdû was the character in HHGTTG who was tasked with eliminating the Lintilla clones, by marrying them off to Allitinils.

  5. Zakspade

    Tricky

    Ooo! Forgive me being vague...

    I once worked for a Big Company. Scammers would seek out vulnerable web servers and have them host a dummy site that was made to look like Big Company. It would ask them (in the voice of Big Company) to input their details etc. It then would pass those details to the criminals.

    Our job was to work with the server owners to have them sort their server's vulnerabilities and get them patched. In the process, they could remove the third-party software (scammerware!) and everyone would be happy.

    Except...

    Sometimes, server owners either refused to accept the word of Big Company (a huge multinational, I add), or they just ignored us. Either way, said scammer site would continue to operate - collecting personal data from OUR customers and clients - who would then complain to Big Company and threaten to take their business elsewhere. So, we had a strong interest in having server owners actually engage with us.

    One such server's security was so lax, I decided to just delete the scammer's website folder and have done with it, because the server owner was telling us that we were wrong and they were perfect (I hope they eventually sacked their Head of Security, or webmaster). What I couldn't see, without being a little more heavy-handed, was how the scammer would re-spawn their website every time I deleted the files. After a bit of thought, I realised that as long as the folder and files existed, the respawn wouldn't happen. So, instead I edited the scammer's 'Big Company' look-a-like website to read things like, "We are scammers and not really Big Company and we are only seeking to steal your data and money," and other such warnings, as altered website text.

    Job well done! Or so I thought...

    When my bosses found out, they were horrified. Here in the - no, I won't say which country - I had left myself open to criminal charges of unauthorised access to a computer system. On top of that (and more importantly for Big Company), any attempt by me to mitigate would surely drag their name through the mud. In addition, there was a big question over THEIR implied authorisation to me regarding breaking said laws.

    Our way out? Delete the site and have the thing respawn as the scammer intended and allow the scam to continue - despite the refusal of the server owner to even consider looking at their system.

    Basically, what my experience taught me is that hacking (however good), seems fraught with legal pitfalls. While silent/stealthy access of a system to determine a lack of security is possible - progressing beyond that belief into testing precisely what can be done, is deemed a criminal act by some jurisdictions if not done with the permission, or invitation of the owner. I fail to see how such claims can be made without opening oneself to criminal proceedings.

    1. Alan Brown Silver badge

      Re: Tricky

      "Our way out? Delete the site and have the thing respawn"

      That's dodgy enough as it is.

      If you're Bigcorp and you're faced with idiots claiming their site is perfect whilst hosting a scamsite, the fastest way to achieve shutdown of imitators is to use the courts to get their attention and/or hit their hosters/upstream with a headsup from corporate legal (nice first. LART if ignored)

      1. Doctor Syntax Silver badge

        Re: Tricky

        As it would be using BigCo's logos etc. A copyright writ on the hosting company could have got their attention PDQ. Possibly the fake site could have been linking direct to BigCo to get the logos. In that case there's a slightly trickier option to achieve what Zakspade did without hacking the site at all. First set up a new set of logos, ensure all BigCo's sites linked to them and then replace the original logos with messages saying "We're spammers ....". That's trickier in that (a) you have to be sure you've updated all the old links and (b) some eejit in BigCo's marketing won't have got the message and will send out emails with the old URLs.
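The logo-swap idea in the comment above, as an added illustration rather than code from the commenter, The Register, or any company involved: the brand moves its real logo to a new URL that only its own pages link to, and the old URL (the one a phishing kit hotlinks) starts serving a warning image. The version below also checks the Referer header, so a kit that later updates its hotlink to the new URL still gets the warning when the browser reports the phishing page as the referring site. The hostnames, paths and image bytes are all constructed for the example. The check is advisory only: a phishing page can strip the Referer with a no-referrer policy, which is exactly why the commenter's URL move, rather than the header check, is the part that reliably bites.

```python
"""Referer-aware logo serving (added example; hosts, paths and bytes constructed)."""
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import urlparse

# Hosts allowed to embed the real logo (assumption for the example).
BRAND_HOSTS = {"bigco.example", "www.bigco.example", "shop.bigco.example"}

# The URL a phishing kit hotlinks, and the new URL only brand pages link to
# (both assumed; a real deployment picks its own).
OLD_LOGO_PATH = "/img/logo.png"
NEW_LOGO_PATH = "/img/v2/logo-8c1f.png"

# Constructed stand-ins for the two image files.
REAL_LOGO = b"\x89PNG\r\n\x1a\n<real logo bytes>"
WARNING_IMAGE = b"\x89PNG\r\n\x1a\n<'this page is not BigCo' banner>"


def referer_host(referer):
    """Hostname from a Referer header (lower-cased), or None if absent/unparsable."""
    if not referer:
        return None
    host = urlparse(referer).hostname
    return host.lower() if host else None


def choose_asset(path, referer):
    """Return (status, body) for a request for one of the two logo paths.

    Old path: the brand's own sites have all been relinked to the new path,
    so a request here with a non-brand or missing Referer is a hotlink and
    gets the warning image (fail closed). A brand Referer still gets the
    real logo, so a missed internal link does not show the warning on one
    of BigCo's own pages.

    New path: real logo unless the Referer is explicitly another host.
    A missing Referer is allowed here because privacy settings on
    legitimate visitors' browsers also drop it.
    """
    host = referer_host(referer)
    if path == OLD_LOGO_PATH:
        return (200, REAL_LOGO) if host in BRAND_HOSTS else (200, WARNING_IMAGE)
    if path == NEW_LOGO_PATH:
        if host is None or host in BRAND_HOSTS:
            return 200, REAL_LOGO
        return 200, WARNING_IMAGE
    return 404, b""


class LogoHandler(BaseHTTPRequestHandler):
    """Minimal server wrapper so the policy can be tried with: curl -e <referer> ..."""

    def do_GET(self):
        status, body = choose_asset(urlparse(self.path).path,
                                    self.headers.get("Referer"))
        self.send_response(status)
        self.send_header("Content-Type", "image/png" if body else "text/plain")
        self.send_header("Content-Length", str(len(body)))
        # The body depends on the Referer, so a shared cache must not store it.
        self.send_header("Cache-Control", "no-store")
        self.end_headers()
        self.wfile.write(body)


if __name__ == "__main__":
    HTTPServer(("127.0.0.1", 8080), LogoHandler).serve_forever()
```

Run it and compare `curl -e https://www.bigco.example/ http://127.0.0.1:8080/img/logo.png` with the same request carrying `-e https://phish.example/`, or no `-e` at all. The `no-store` header matters in practice: if a CDN sits in front of the asset host it would otherwise cache whichever variant it fetched first and serve it to everyone.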

      2. YetAnotherLocksmith

        Re: Tricky

        That's so far from "the fastest way" it isn't even funny. You're going to start a law suit in Russia? Belarus? And you think that's faster than just deleting the server?

  6. elsergiovolador Silver badge

    Stretch

    free-food

    Now, that's a stretch.

    More like free-bowel stuffing.

  7. Excused Boots Silver badge
    Joke

    "Crims could also make FlashBot foul office systems up or steal intellectual property.”

    “Hold my beer”; says Microsoft!

  8. PhilipN Silver badge

    ".. a Chinese robot manufacturer .."

    Fluent in English?

  9. ecarlseen

    "Pudu Robotics is a Chinese robot manufacturer with over 100,000 units in over 1,000 cities doing everything from serving meals with the cat-like BellaBot,"

    ngl I read that way too fast and got the wrong idea at first.

  10. Dinanziame Silver badge
    Joke

    Bobdahacker — she

    Woke shit in my feed!

    1. The commentard formerly known as Mister_C

      Re: Bobdahacker — she

      Driver "Bob" Parkhurst perhaps?

      https://blackadder.fandom.com/wiki/Driver_Parkhurst

      https://www.youtube.com/watch?v=G1QywDPkDjg

    2. collinsl Silver badge

      Re: Bobdahacker — she

      It's just a take on the name "Bob the Builder", what's wrong with that?

  11. FIA Silver badge

    Whilst the company really does need to shore up its security...

    "They couldn't even be bothered to replace the '[Your Email Address]' placeholder from their ChatGPT template. Peak effort right there," she said in her report.

    I'm going to cut them some slack here. I'm not sure I'd know what the equivalent of '[Your email address]' would look like in the original script, if you're using AI to translate, you're probably not a speaker of the target language; especially one with a completely different script. The people receiving, processing and replying to these emails are usually not well paid or highly skilled.

    This does after all sound like a company whose target market is native speakers.

    1. YetAnotherLocksmith

      Yet they sell 100,000 units of advanced robots to the West? And have not one English speaker, or security tester?

      1. plunet

        They were trying to avoid the embarrassment of manually writing some Chinglish and that being sent out to the security researcher and consequently the text ending up in the popular IT press

  12. Anonymous Coward
    Anonymous Coward

    Horror movie ...

    A villain might have these robots raid the kitchen and go on a rampage with santoku knives in hand.

    Given the implicit trust these serving robots seem to enjoy I could see their being used by terrorists etc for assassination - it just toddles up to the target's table with a serving of high explosive.

    1. Anonymous Coward
      Anonymous Coward

      Re: Horror movie ...

      The most explosive thing they have access to is an undercooked bean burrito with spicy hot sauce. (The mere mention of which is already making me feel bloated.)

    2. Elongated Muskrat Silver badge
      Pirate

      Re: Horror movie ...

      Santokus are general purpose knives, so probably not the best for being all stabby. Yanagibas would probably be more effective, having a pointier end, typically being sharper, and giving a bit more range. I know I've managed to cut myself more on my yanagiba than on my santoku, and I use the santoku more often.

  13. collinsl Silver badge

    @ El reg - worth checking out the updates on that blog post:

    Update: (2025-09-03)

    After a Google Meet meeting with Pudu Robotics, I need to correct some misunderstandings in my original post:

    The Timeline: Pudu didn't ignore my reports. They didn't receive my initial emails to sales/support, but once they saw my report through other channels, they immediately began working on fixes. They only contacted me once the fix was ready to deploy, which explains the timing.

    The First Response: The '[Your Email Address]' placeholder was an unfortunate oversight during editing. However, in the full email, the Pudu team clearly stated, "We have a patch in development and expect to have this vulnerability remediated by the end of this week." This is the part from my blog's citation that was omitted.

    Their Response: They actually treated this seriously from the moment they became aware of it. The delay in response was them fixing the issues, not ignoring them.

    Moving Forward:

    Pudu is upgrading its SRC (PUDU Security Response Center) to more effectively handle issues.

    They already made a security@pudutech.com email

    We're exploring ongoing security collaboration

    I was wrong to assume malice when it was actually a communication breakdown. Pudu does take security seriously, they just need better processes for researchers to reach them, which they're now implementing.

    So Long, and Thanks for All the Fish

    https://bobdahacker.com/blog/hacked-biggest-chinese-robot-company
