The vast majority of autonomous vacuum cleaners are equipped with integrated cameras and remote manipulation capabilities, with their core functionalities predominantly tethered to the cloud. This architecture permits users to orchestrate cleaning cycles, observe real-time surveillance feeds, and delineate navigation paths via dedicated mobile applications.
However, as smart home peripherals are granted increasingly expansive privileges, their inherent security vulnerabilities multiply. For instance, a researcher recently exposed a critical flaw within DJI’s nascent robotic vacuum lineup. Leveraging this exploit, the individual gained unauthorized access to 6,700 vacuum units across 24 nations, alongside several thousand docking stations. Intriguingly, the discoverer, Sammy Azdoufal, is not a professional security auditor but an AI Director for a property management firm. His investigation commenced as a whimsical endeavor to manipulate his DJI Romo unit utilizing a PS5 controller.
What began as a recreational pursuit evolved when Azdoufal utilized Claude Code to develop a program—effectively involving reverse engineering—to interface with DJI’s cloud infrastructure. To his astonishment, the script facilitated a connection not only to his personal device but to a vast fleet of 6,700 external units.
Once connected, Azdoufal obtained full command over the devices, including physical movement, real-time camera activation, and the exfiltration of serial numbers and IP addresses. Furthermore, he could access granular floor plans, operational telemetry, and a 14-digit override code capable of bypassing any device-specific PIN. Following a responsible disclosure, DJI promptly remediated the flaw. The company asserted that, while it was already addressing the backend authentication vulnerability, the patch had not yet achieved universal deployment at the time of the report.
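The article attributes the fleet-wide access to a backend authentication flaw but does not describe the API itself, so the following is an added illustration, not DJI's code and not a reconstruction of the actual bug. It assumes a generic cloud device-command endpoint with constructed serial numbers and account ids, and contrasts a handler that authenticates the session but never checks device ownership with one that authorizes each request against the owner of the requested device. It also shows the audit-log check a defender would want: flagging any account that successfully commands devices it does not own, or more devices than a tunable limit.

```python
"""Added example, not DJI's code: per-device (object-level) authorization
for a cloud device-command endpoint, plus an audit-log check that surfaces
one account reaching far more devices than it owns. Serial numbers,
account ids, the endpoint shape and the alert limit are all constructed."""
from collections import defaultdict
from dataclasses import dataclass, field


class Forbidden(Exception):
    """Raised when an authenticated caller addresses a device it does not own."""


@dataclass
class DeviceCloud:
    # serial -> owning account id (constructed sample registry)
    owners: dict
    # (account, serial, action, outcome) tuples, appended per request
    audit: list = field(default_factory=list)

    def command_unchecked(self, account, serial, action):
        """Weak handler: the session is authenticated, but ownership is never
        checked, so any valid session can drive any registered serial."""
        if serial not in self.owners:
            raise KeyError(serial)
        self.audit.append((account, serial, action, "ok"))
        return f"{serial}:{action}"

    def command_checked(self, account, serial, action):
        """Hardened handler: authorization is decided per object, by looking
        up the owner of the requested serial and comparing it to the caller."""
        if self.owners.get(serial) != account:
            self.audit.append((account, serial, action, "denied"))
            raise Forbidden(f"{account} does not own {serial}")
        self.audit.append((account, serial, action, "ok"))
        return f"{serial}:{action}"


def fanout_by_account(audit):
    """Distinct serials each account successfully commanded."""
    seen = defaultdict(set)
    for account, serial, _action, outcome in audit:
        if outcome == "ok":
            seen[account].add(serial)
    return {a: sorted(s) for a, s in seen.items()}


def suspicious_accounts(audit, owners, limit=3):
    """Detection rule: flag an account if it successfully commanded a device
    it does not own, or more distinct devices than `limit`. The limit is an
    assumed threshold; a real deployment would tune it per product line."""
    flagged = set()
    for account, serials in fanout_by_account(audit).items():
        foreign = [s for s in serials if owners.get(s) != account]
        if foreign or len(serials) > limit:
            flagged.add(account)
    return sorted(flagged)


def demo():
    """Run both handlers over the same constructed request stream: one
    account tries to start a cleaning cycle on every registered device."""
    owners = {f"SN{n:04d}": f"user{n % 3}" for n in range(1, 7)}  # 6 devices, 3 users
    requests = [("user1", f"SN{n:04d}", "start_clean") for n in range(1, 7)]

    weak = DeviceCloud(dict(owners))
    for acct, sn, act in requests:
        weak.command_unchecked(acct, sn, act)

    hard = DeviceCloud(dict(owners))
    denied = 0
    for acct, sn, act in requests:
        try:
            hard.command_checked(acct, sn, act)
        except Forbidden:
            denied += 1

    return {
        "weak_reach": len(fanout_by_account(weak.audit)["user1"]),
        "weak_flagged": suspicious_accounts(weak.audit, owners),
        "hard_reach": len(fanout_by_account(hard.audit)["user1"]),
        "hard_denied": denied,
        "hard_flagged": suspicious_accounts(hard.audit, owners),
    }


if __name__ == "__main__":
    print(demo())
```

With the weak handler, `user1` reaches all six devices and is flagged by the audit check; with the hardened handler the same request stream succeeds only on the two devices `user1` owns, the other four are denied and logged, and nothing is flagged. The point is that session authentication alone does not bound what a caller can reach; each command must be authorized against the specific device it names, and denied attempts should be logged so that fan-out across a fleet is visible.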
DJI sought to downplay the severity of the breach, contending that only a negligible number of users—primarily security researchers—had successfully exploited the flaw. Nevertheless, Azdoufal subsequently unearthed additional vulnerabilities, the details of which remain sequestered due to their grave nature, pending a comprehensive firmware update from DJI.
The meteoric advancement of artificial intelligence presents a double-edged sword for cybersecurity. While developers can leverage AI to fortify code and preemptively identify defects, the technology simultaneously empowers malicious actors—or even laypersons—to discover exploits with unprecedented ease. In this instance, the discovery was an inadvertent byproduct of Claude Code’s efficiency; the AI was merely fulfilling a request for controller integration, unknowingly exposing a massive systemic failure.
This paradigm shift suggests that future incursions may be spearheaded by individuals lacking formal technical expertise, thereby necessitating a more rigorous standard of software craftsmanship. Should developers persist with legacy methodologies, they remain acutely susceptible to devastating data breaches in an AI-accelerated threat landscape.