One Word to Rule Them All: Researchers Hijack Robot Army With a Single Voice Command

A single whispered word could be all it takes to turn an army of advanced robots into a rogue force. This isn't a scene from a sci-fi thriller; it's a real-world demonstration by Chinese cybersecurity researchers, revealing a critical vulnerability that could allow spies to cause widespread chaos by turning one robot into a Trojan horse for an entire network.

The stunning exploit was showcased a few weeks ago at the GEEKCon cybersecurity competition in Shanghai. According to reports, researchers Qu Shipei and Xu Zikai from the security group DARKNAVY demonstrated how to seize control of a humanoid robot using only a verbal command. They then used the compromised machine to infect other internet-connected robots, manipulating the group to carry out malicious instructions.

The target was a commercially produced humanoid robot from China, priced at approximately 100,000 yuan (US$14,200). The researchers exploited a flaw within the robot’s built-in large-model agent, a sophisticated AI system designed to interpret and act on commands.

What is a large-model agent? It's an AI system that goes beyond conversational abilities like ChatGPT. It uses a large language model as its 'brain' to autonomously plan and execute multi-step tasks to achieve a goal, such as accessing the internet or controlling other connected devices.

The critical danger highlighted by the demonstration is the cascading effect. Once one robot is compromised, it can spread the infection to others on the same network. This turns a single-point failure into a systemic threat, capable of disabling everything from automated warehouses to future robotic security forces.