The company behind the startup has minimized the effects of the vulnerability, pointing out that the specific model involved has been taken off the market.
Unitree Robotics
One of China’s top robotics companies reported shutting down a third-party remote control service after discovering that it left their Go1 robotic dog vulnerable to potential hacking. This issue allowed unauthorized individuals to seize control of the device and potentially view footage from its cameras.
The firm detected a “security flaw” allowing attackers to acquire the administration key for a third-party cloud tunnel service utilized by Go1, as mentioned in a statement posted on social media platform X on Wednesday by the startup based inHangzhou.
The tunnel service that allowed for the remote operation of the Go1 was entirely discontinued in late March, following soon after when tech bloggers and hackers Andreas Makris and Kevin Finisterre shared their discoveries on the internet.
Are you looking for insights into the most significant issues and developments globally? Find your answers here.
SCMP Knowledge
Our latest platform features handpicked content including explainers, FAQs, analyses, and infographics, all provided by our acclaimed team.
Zhexi Cloud offered the service, and the bloggers noted that approximately 2,000 organizations, which included IP addresses from prestigious American educational institutions such as MIT, Princeton University, and Carnegie Mellon University, accessed it.
Neither Zhexi Cloud nor its subsidiary, Shanghai Beirui Information Technology, did not promptly respond to the comments sought on Thursday.
The bloggers accused Unitree of pre-installing a tunnel without informing their customers.
They stated that having this service available without informing the user is not considered ethical behavior and could be viewed as malevolent.
Makris and Finisterre pointed out that their investigation did not cover the company’s Go2 robotic dog or any of the humanoid robots. By Thursday, Unitree’s official site showcased over ten different models of robot dogs and humanoids.
Unitree responded by stating that users can access all materials within the firm’s repository, which encompasses details regarding the tunnel service. They underscored that the Go1 robot operates “offline by default” initially. Additionally, they mentioned that remote control capabilities are standard across numerous robotics enterprises.
The company minimized the effects of the flaw, stating that the Go1, launched in 2021, was phased out around two years ago. They added that later versions incorporated a safer and enhanced alternative.
Unitree has attracted considerable notice within China’s robotics industry.
a high-profile business symposium
Hosted by Chinese President Xi Jinping in February, founder Wang Xingxing was seen sitting in the front row among notable technology industry leaders.
Last month, during his trip to Hangzhou, Hong Kong Chief Executive John Lee Ka-chiu mentioned that Wang stated Unitree was considering exploring the potential for an initial public offering in the financial center, as reported by local media outlets.
More Articles from SCMP
China celebrates the return of physicist Lin Shaozhen – only to face online backlash
India says it targeted Pakistan’s radar in clash amid speculation system was made in China
China and Russia accuse US of raising risk of nuclear war and vow to respond to threats jointly
What measures has Hong Kong taken to increase transparency regarding charges at private hospitals?
The article initially appeared on the South China Morning Post (www.scmp.com), which is the premier source for news coverage of China and Asia.
Copyright (c) 2025. South China Morning Post Publishers Ltd. All rights reserved.
Leave a Reply