Scientist who uncovered McDonald's food loophole now focuses on automatons in Chinese eateries

Unsecured access granted on Pudu's robotic systems

Investigative specialist, who exposed a method for obtaining free food from McDonald's, now shifts focus towards automation in Chinese eateries.

In a recent development, cybersecurity researcher John Smith contacted Pudu Robotics to highlight security vulnerabilities in the control systems of their robots. Major clients such as Restaurant Chain A and Hotel Group B heeded the warning.

Pudu Robotics, which captured 23 percent of the market for commercial service robots last year, has over 100,000 robots in more than 1,000 cities. The company's response to the security vulnerability report, however, raised eyebrows. An email from Pudu Robotics, which appeared to be written by a chatbot, acknowledged the report and expressed gratitude.

Upon investigation, white-hat hacker Bobdahacker found that the backend software systems controlling Pudu's robots are vulnerable to abuse. Specifically, there were no extra security checks in Pudu's control software, enabling anyone to reset orders, move robots, and rename them. This vulnerability could potentially allow an attacker to redirect food orders, shut down robot fleets, manipulate FlashBot to foul office systems, or even steal intellectual property.

Bobdahacker initially reached out to Pudu's tech, support, and sales teams on August 12, but his warnings were ignored. Undeterred, he contacted Pudu's restaurant customers, including Japanese restaurant group Skylark Holdings, which has over 7,000 restaurants, and Zensho, a food chain. By August 21, he had emailed over 50 company staffers to get someone to take notice.

Following the publicity, Pudu Robotics promptly locked down its systems and eliminated the security hole. The incident demonstrates that pressure on a manufacturer to fix problems can come from following the money and alerting customers.

As of press time, Pudu Robotics had no comment on the matter. However, the email from the company expressed its intent to address any further details or questions directly.