DJI Will Pay $30,000 to the Man Who Accidentally Hacked Thousands of Their Robot Vacuums

A software engineer named Sammy Azdoufal set out to do something fun with his new DJI Romo robot vacuum. He wanted to control the device remotely using a PlayStation 5 controller. While building a custom app for this purpose, he turned to an AI coding assistant called Claude to help reverse-engineer how the vacuum communicated with DJI’s cloud servers. What started as a personal project quickly turned into the discovery of a major security flaw. As Azdoufal worked on extracting a security token.