A man who accidentally discovered a major security flaw in DJI robot vacuums will receive a $30,000 reward from the company after revealing that thousands of the devices could be remotely accessed.
Sammy Azdoufal discovered while experimenting with his DJI Romo robot vacuum. He was simply trying to control his vacuum using a PlayStation game controller, but during his testing, he realized something unusual. Instead of connecting to just his own device, he found a network of nearly 7,000 DJI robots that could potentially be accessed remotely.
The discovery meant someone could view video streams from these robot vacuums and possibly look inside people’s homes. The scale of the issue quickly raised serious privacy and security concerns.
According to reports, DJI had already started fixing some of the security problems before Azdoufal publicly demonstrated how much access was possible. However, it was unclear at first whether the company would reward him for reporting the vulnerability.
DJI has now confirmed that it rewarded a security researcher with $30,000 for the discovery. The company did not officially name Azdoufal, but he shared an email confirming the payment.
The company also confirmed that one of the vulnerabilities allowing people to view the robot’s video feed without a security PIN was fixed by late February. DJI says it is continuing to upgrade its entire system to address other security issues that were discovered during the investigation.
The situation highlights how connected home devices can sometimes expose serious privacy risks if security systems are not properly designed. Experts often encourage companies to reward researchers who responsibly disclose vulnerabilities, because it helps fix problems before they can be exploited by malicious actors.
If this article helped you, please consider supporting our work. Every small contribution keeps Abijita.com independent and running.
In this case, what started as a simple experiment with a game controller ended up uncovering a massive security flaw affecting thousands of smart home devices around the world.
