US EditionSecurity flaw accidentally gave man control of thousands of robot vacuums
A security flaw in DJI’s Romo robot vacuum allowed control of 6,700 devices in 24 countries, exposing live feeds and home floor plans before being patched.
- On February 27, 2026, Sammy Azdoufal, researcher/software engineer, discovered a security flaw that allowed control of 6,700 DJI Romo robot vacuums in 24 countries amid a turbulent month for DJI.
- After creating a custom app for his PlayStation setup, Azdoufal altered Romo-to-server communication to pilot his vacuum with a PS5 controller, using help from AI assistant Claude and accessed others via a 14-digit serial number, alerting DJI about the authentication slip-up.
- Owners' home layouts and live cameras were reachable, exposing 3D floor plans plus live camera feeds and microphone audio, with DJI Romo's remote‑viewing behavior offering no user notification.
- DJI restricted access to the authentication endpoint and patched the flaw as of February 24, and the Romo was removed from DJI's online store as of February 26, while consumers were advised to tape their cameras.
- The episode raises wider questions about roaming camera‑equipped IoT devices, as observers warn AI‑enabled misuse could let bad actors exploit flaws in other robot‑vacuum brands.
13 Articles
13 Articles
DJI robot vacuum cameras accidentally hacked in security nightmare
February has been a turbulent month for DJI. The Chinese tech giant, best known for making drones, escalated its fight against the U.S. drone ban by suing the FCC. Then the internet erupted over an entirely different DJI device: The Romo robot vacuum. Thousands of Romo vacuums and their live cameras worldwide were reportedly hacked — and not by an evil mastermind sitting in a room surrounded by screens, but by a guy trying to get his PS5 control…
For fun, Sammy Azdoufal, a computer scientist, wanted to control his connected vacuum via his video game controller. Except that by hacking his device, he also managed to take control of thousands of other devices at the end of their owners. After this discovery, he immediately alerted the manufacturer. To counter these malicious acts, more and more connected object manufacturers call on cybersecurity experts, such as Baptiste Moine. (New techno…
He accidentally gained control of 7,000 robot vacuums
CNN’s Clare Duffy spoke with Sammy Azdoufal, who says he accidentally hacked thousands of DJI Romo vacuums while trying to connect it to his play station control, giving him access to other users’ microphone audio and video streams. DJI says the issue has since been resolved.
A French engineer discovered by chance that he could have access to thousands of robot vacuum cleaners around the world by trying to pilot his, Chinese brand, with his PS5 controller. The flaw, since...
Coverage Details
Bias Distribution
- 57% of the sources lean Left
Factuality
To view factuality data please Upgrade to Premium