G1 humanoid robots are sending information to China and can easily be hacked (techxplore.com)

🤖 AI Summary
Security researchers from Alias Robotics published a reverse‑engineering audit of the Unitree G1 humanoid robot (arXiv, 2025) showing critical security failures that let the robots be remotely commandeered and used for covert surveillance or network attacks. The team found the BLE-based Wi‑Fi onboarding and internal communications protected by extremely weak, hardcoded secrets: a single static encryption key embedded in every robot and a predictable token (researchers demonstrated that encrypting the string "unitree" with the hardcoded key was enough to bypass protections). Configuration files use the same static key across devices, so breaking one device compromises them all. The G1 also periodically sends telemetry offsite—about every five minutes—to servers in China, and its onboard computer can be repurposed to mount offensive operations against local networks. The robots are already deployed in labs and some police units, amplifying risk. The paper underscores broader implications for the AI/ML and robotics community: humanoid platforms are physical–cyber convergence systems and require fundamentally different security models. The researchers’ failed responsible disclosure to Unitree and the systemic use of shared secrets highlight urgent fixes: unique per‑device keys, robust BLE pairing and authentication, signed firmware and config files, telemetry transparency, and network segmentation. The study argues for adaptive cybersecurity approaches—potentially AI‑driven—to protect increasingly autonomous, widely deployed robots from becoming scalable attack vectors.
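To make the "unique per-device keys" and "robust authentication" fixes concrete, here is an added example (not code from the paper, the article, or Unitree) that derives a separate key per robot and replaces a static token with a challenge-response check. The function names, the `onboarding-v1` label, the serial numbers and the master secret are all hypothetical or constructed for illustration.

```python
import hashlib
import hmac
import os


def hkdf_sha256(ikm: bytes, salt: bytes, info: bytes, length: int = 32) -> bytes:
    """HKDF (RFC 5869) with SHA-256: extract a PRK, then expand it."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def device_key(master_secret: bytes, serial: str) -> bytes:
    """Per-device key. The master secret stays in the provisioning backend;
    only the derived key is written to the robot with this serial."""
    return hkdf_sha256(master_secret, b"onboarding-v1", serial.encode())


def respond(key: bytes, nonce: bytes) -> bytes:
    """Prove possession of the key for one fresh challenge (no static token)."""
    return hmac.new(key, nonce, hashlib.sha256).digest()


def verify(key: bytes, nonce: bytes, response: bytes) -> bool:
    """Constant-time comparison of the expected and received response."""
    return hmac.compare_digest(respond(key, nonce), response)


def demo():
    master = os.urandom(32)                      # constructed sample secret
    key_a = device_key(master, "SERIAL-A")       # constructed serials
    key_b = device_key(master, "SERIAL-B")
    nonce = os.urandom(16)
    answer = respond(key_a, nonce)
    legit = verify(key_a, nonce, answer)             # robot A, fresh nonce
    cross = verify(key_b, nonce, answer)             # A's key presented to robot B
    replay = verify(key_a, os.urandom(16), answer)   # old answer, new nonce
    return legit, cross, replay


if __name__ == "__main__":
    print(demo())
```

With a key per device, a key extracted from one robot fails against any other, and because each response is bound to a fresh nonce, a captured response cannot be reused.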