Researcher who found McDonald's free-food hack turns her attention to Chinese restaurant robots

(2025/08/29)


A researcher caught the world’s leading supplier of commercial service robots using shoddy admin security that let attackers redirect the delivery machines to anywhere and make them follow any command.

Pudu Robotics is a Chinese robot manufacturer with over 100,000 units in over 1,000 cities doing everything from serving meals with the cat-like BellaBot, to using its mechanical-armed FlashBot to operate human-designed systems like elevators, as you can see below.

[1] YouTube video

[3] According to analysts Frost & Sullivan, last year it captured 23 percent of the market for such kit, but a hacker has found that the backend software systems controlling them are vulnerable to abuse.

White-hat hacker Bobdahacker, who exposed the free-food flaw in [6]McDonald's ordering system earlier this month, has been digging into Pudu and found she could exploit the control software behind the robots because administrators hadn't locked down access. To do so, an attacker needs a valid auth token, which could be snaffled using a cross-site scripting intrusion, or someone could simply set up a try-before-you-buy account, she told The Register.

With this level of access, an attacker could redirect food orders or shut down the entire fleet of restaurant robots in a DDoS food attack. Crims could also make FlashBot foul office systems up or steal intellectual property.

Once she got past the initial authentication test, Bobdahacker found there were no extra security checks, enabling anyone to reset orders, move the robots to new locations, and rename them to make recovery that much harder. But when she alerted the business about the issue, she was stonewalled until she started contacting their customers.
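The flaw the article describes is authentication without authorization: once a token is accepted, no further check ties it to a particular customer's robots or to a particular level of access. The following is an added example written for this page, not Pudu's code and not from Bobdahacker's report; all robot IDs, tokens, tenant names and roles are constructed. It shows a toy fleet-command handler in the shape described above, where holding any valid token is the only check, beside a hardened version that binds the session to a tenant, checks that the targeted robot belongs to that tenant, gates each action on a role, rejects expired tokens and writes an audit record.

```python
"""Added example: authentication vs. authorization on a fleet-control API.
Every identifier here is constructed for illustration."""
from dataclasses import dataclass, field
import time


@dataclass
class Session:
    user: str
    tenant: str        # the customer organisation the token was issued to
    role: str          # "viewer" | "operator" | "admin"
    expires_at: float  # unix time after which the token is dead


@dataclass
class Robot:
    robot_id: str
    tenant: str
    name: str
    location: str = "kitchen"
    orders: list = field(default_factory=list)


# Constructed sample data: two customers, one robot each, three tokens.
ROBOTS = {
    "bot-001": Robot("bot-001", "tenant-A", "Bella", orders=["table 4"]),
    "bot-002": Robot("bot-002", "tenant-B", "Flash", orders=["table 9"]),
}
SESSIONS = {
    "tok-A-operator": Session("alice", "tenant-A", "operator", time.time() + 3600),
    "tok-B-admin":    Session("bob",   "tenant-B", "admin",    time.time() + 3600),
    "tok-expired":    Session("eve",   "tenant-B", "admin",    time.time() - 1),
}

# Least privilege: which roles may perform which fleet action.
PERMISSIONS = {
    "move":         {"operator", "admin"},
    "reset_orders": {"operator", "admin"},
    "rename":       {"admin"},
}

AUDIT = []  # (user, tenant, robot_id, action, argument) per accepted command


class Denied(Exception):
    """Raised when a command is refused."""


def _apply(robot, action, arg):
    """Actually perform the command on the robot record."""
    if action == "move":
        robot.location = arg
    elif action == "reset_orders":
        robot.orders.clear()
    elif action == "rename":
        robot.name = arg
    else:
        raise ValueError("unknown action")
    return robot


def dispatch_vulnerable(token, robot_id, action, arg=None):
    """The pattern the article describes: a recognised token is the only gate.
    Any account, from any customer, can command any robot in the fleet."""
    if token not in SESSIONS:
        raise Denied("no session")
    return _apply(ROBOTS[robot_id], action, arg)


def dispatch(token, robot_id, action, arg=None):
    """Hardened handler: authenticate, then authorise per object and per action."""
    session = SESSIONS.get(token)
    if session is None or session.expires_at < time.time():
        raise Denied("invalid or expired token")
    robot = ROBOTS.get(robot_id)
    # Object-level check. The refusal is worded identically whether the robot
    # does not exist or belongs to another tenant, so IDs are not enumerable.
    if robot is None or robot.tenant != session.tenant:
        raise Denied("robot not found")
    if session.role not in PERMISSIONS.get(action, set()):
        raise Denied("action not permitted for role")
    AUDIT.append((session.user, session.tenant, robot_id, action, arg))
    return _apply(robot, action, arg)


def is_denied(handler, *args):
    """True if the handler refuses the call; used to compare the two handlers."""
    try:
        handler(*args)
    except Denied:
        return True
    return False


if __name__ == "__main__":
    # tenant-A's operator aiming at tenant-B's robot: accepted by the weak
    # handler, refused by the hardened one.
    print(is_denied(dispatch_vulnerable, "tok-A-operator", "bot-002", "move", "lobby"))
    print(is_denied(dispatch, "tok-A-operator", "bot-002", "move", "lobby"))
```

Two design points are worth noting. The hardened handler returns the same refusal for a robot that does not exist and for one owned by another customer, so a caller cannot use the error text to discover which IDs are live. The expiry check is what limits the value of a token lifted through the kind of cross-site scripting the article mentions: a short-lived session bounds how long a stolen token stays useful.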

On August 12, she contacted Pudu about the issue, but the company's tech, support, and sales teams all blanked the warning. By August 21, she'd been reduced to emailing over 50 company staffers to try and get someone to take notice.

It was only when she started contacting Pudu's restaurant customers that Bobdahacker got a call back. Japanese restaurant group Skylark Holdings, which has over 7,000 restaurants, and Zensho, a food chain, both took the warnings seriously.

About 48 hours after Bobdahacker contacted these customers, Pudu replied with an email that looked like it was written by ChatGPT. "They couldn't even be bothered to replace the '[Your Email Address]' placeholder from their ChatGPT template. Peak effort right there," she said in her [12]report.

"On behalf of Pudu Robotics, I would like to extend our sincere gratitude for taking the time to report the security vulnerability to us. We highly appreciate your efforts in following responsible disclosure practices," the message read.

"Thank you for your valuable contribution to our security. If you have any further details or questions, please do not hesitate to reach out to me directly at [Your Email Address]."

On the bright side, Pudu locked down its systems and eliminated the security hole. It just goes to show that sometimes the best pressure you can put on a manufacturer to fix their problems comes from following the money and alerting customers.

Pudu had no comment at press time. ®

[1] https://www.youtube.com/watch?v=yq1FX4joqxQ

[3] https://www.prnewswire.com/news-releases/pudu-robotics-takes-lead-in-global-commercial-service-robotics-market-302220924.html#:~:text=NEW%20YORK%2C%20Aug.,securing%20the%20top%20position%20globally.

[6] https://www.theregister.com/2025/08/20/mcdonalds_terrible_security/

[12] https://bobdahacker.com/blog/hacked-biggest-chinese-robot-company

Doctor Syntax

"Crims could also make FlashBot foul office systems up or steal intellectual property."

Why do something boring like that when you could set the robots up to have a food fight?
