Yep, you read that right. A Chinese robot dog that builds a tunnel into your network for the world to see! Check it out here.
Remote Access Backdoor Discovered in Chinese Robot Dog Unitree Go1
🔴 LIVE @ https://twitch.tv/LowLevelTV
🏫 COURSES 🏫 Learn to code in C at https://lowlevel.academy
🔥 SOCIALS 🔥 Come hang out at https://lowlevel.tv
source
you know what else comes with special features? … idk anyway check out https://lowlevel.academy and learn to code today! ( its on sale btw 😏)
A backdoorable robot dog will sell well in Pakistan, something tells me.
Wow these robots looked cool but I couldn't think of a reason to get one but glad I didn't. It does seem common for IoT stuff to be like "hey this device is extendable and you can do you're own thing with it" just means "we made it really insecure and that makes it easy for you (or anyone) to do whatever you want with it"
Bad that a company is wantedly doing this.
homeless people from all over the world will use these robots as their toys
expensive and yet zero effort put into the actual software, somebody get these guys jobs at boeing.
Three “Brains,” One Body
Raspberry Pi 4 (the “master”)
Handles high‑level logic, network, and coordination.
Feeds off your external power supply and the smart battery via a power‑management board.
Nano‑1 & Nano‑2 (the “body controllers”)
Each Nano‑4GB talks to two depth cameras and crunches vision data for walking and obstacle avoidance.
Nano‑3 (the “head controller”)
Drives the head’s two depth cameras and any extra sensors up top.
All three modules link into an internal Ethernet switch—that’s your backplane for data and commands.
The Sensor & Actuator Bus
Sensors:
IMU and “master controller” feed inertial data into the switch.
Depth cameras plug directly into their assigned Nano board.
Motors:
A shared RS‑485 bus snakes out from the master switch to all 12 brushless motor controllers in the legs.
Why This Matters for Hacking
Ethernet switch = one chokepoint for network‑level MITM or firewall rules.
UART headers likely live on each compute board—your golden ticket for console access.
RS‑485 bus is where motion commands flow; spoofing packets here could let you “puppet” the legs.
Flash storage on each Nano (eMMC or SPI‑NOR) holds the firmware you’ll dump, patch, and reflash.
Attack‑Surface Roadmap
Pi 4 first: It’s higher‑level, already running Linux—UART → dump /dev/mmcblk0 → patch U‑Boot or systemd.
Nanos next: Repeat the UART‑dump‑patch dance on each; they host the computer‑vision and gait‑control code.
Lock down RS‑485: Once your firmware’s clean, either block or inject commands on the motor bus.
It was the lightbulb all along…
americans hyper focussing on chinese 'surveillance' as if the real problem is not knock knocking at your door is absolutely surreal to watch
Damn I wanted to buy one of these after Uni. I hope an open source OS will will be available for them, with 3rd party security patches.
That backdoor is the standard chinese backdoor that we see in some of these routers and embedded devices.
It's not a dog, it's a RAT
I had a Go2. It was fun but also didn't do anything with it and sold it. I never had the balls to 1: connect it to my network, or 2: use their app.. I REALLY try not using any chinese apps and if I do, I do it on a specific device.
<sarcasam>My guess it is working as expected, what is the issue or bug?</sarcasam>
Remote access to customer facilities is why the device is sold for, and btw the customer gets to keep the device too. yeah
This is what happens when you let electronics and mechanical engineer go by themselves without a software dev or cybersecurity expert auditing their code
IoT stuff is trash.
It's more of an exploit to hack and doxx you, than it is useful for ANYTHING else.
Doesn't the S in IOT stand for security?!?
I doubt that its a backdoor or a virus, if they were going to do it they would've hid the source code
I tend to believe that it wasn't malicious but developers/release managers being lazy. Why? Because they open-sourced the software and provided the Cloudsail key to the researchers.
IPL have this
I doubt that will happen (lights go out)
Are you saying the next generation Russian Killer Drone is this thing? Naw. No way. Fake news. Mis information.
Neh.
the Huawei phone memes are real
Let's be honest this is China we are talking about the thieves of the world.
I think it’s pronounced “Sexy”
Cloudcel lol
The surveillance spy phones are not enough, so they are making surveillance pets and women. This is an attack on humanity; I repeat, this is an attack on Humanity.
Best reverse shell ever!
so what I'm hearing is a rouge AI could instantly access an army of robot dogs without going through any real security 🤔 that's wonderful
move fast and break things
Also. Isle of Dogs Vibes (https://www.youtube.com/watch?v=dt__kig8PVU)
"specifically targeting research institutes" when the phrasing in your marketing tells on you. oh great two way cloud connection between all the dogs, that's got potential for horrible pack behaviors..
Thanks maate 👍(Ed). I just passed the references (and your beautiful mug) on to "OTAhgo" uni.. Not often you see kiwi entities named.
Anything that does software/firmware updates has an equivalent vulnerability.