Thousands of DJI Robots Hijacked by Rogue App

A man who created a remote control app for his DJI Romo robot vacuum discovered that it had been accessed by thousands of other devices worldwide, allowing him to remotely control and exploit them. Sammy Azdoufal had intended to use the app to control his own Romo vacuum with a PS5 gamepad. However, when he initiated communication with DJI’s servers through his homemade app, over 7,000 other Romo vacuums around the globe began responding to him as if they were under his command. With this newfound access, Azdoufal gained the ability to remotely control and monitor these devices, using their live camera feeds to gain insight into their surroundings. He could also instruct them to map out every room of a house, generating detailed 2D floor plans in the process. DJI has since issued a statement urging users to update their Romo vacuums with the latest security patches to prevent similar incidents from occurring.