That $200, blazing orange, minimalist AI doohickey called the Rabbit R1 promised it would be your go-to AI companion. Instead, it proved it was a malformed and half-baked device that couldn’t match up to any of its lofty promises. Now, according to a group of white hat hackers, it’s even worse than that. The team calling themselves Rabbitude claims they’ve had access to all the Rabbit R1’s codebase API keys for over a month, granting them a peek at all of Rabbit’s responses, including any sensitive information offered to the AI.
All this is to say, if you’re still one of those little hares who still leap at the chance to use a Rabbit R1, you should stop doing so immediately.
Rabbitude claimed it gained access to the Rabbit codebase back on May 16. The team also shared the API keys that let the Rabbit connect to Google Maps and Yelp, which gives the AI models access to local reviews and directions. The team also says it has access to the ElevenLabs key, which is the system Rabbit uses for text-to-speech. That last one is particularly important to everyday Rabbit operations since it lets the hackers get a history of all past text-to-speech messages and even brick the device by deleting the voices entirely.
After the hacker group released its findings late Tuesday, one of the members who goes by Eva online said ElevenLabs temporarily revoked the ElevenLabs API key, which also shut down all Rabbit devices for a time before they went back online. They said, “Rabbit knew about it and did nothing to fix it.”
Gizmodo contacted Rabbit early Wednesday morning for a comment, but we did not immediately hear back. The company told Engadget that it was aware of the alleged breach but was “not aware of any customer data being leaked or any compromise to our systems.” Gizmodo also asked Rabbit if it has revoked any API keys, and we’ll update this post if we hear more.
The Rabbit R1 is already prone to failure since it relies so much on cloud services that are not directly controlled by the Rabbit team. Last month, a ChatGPT outage temporarily made the device utterly useless. Gizmodo could not independently confirm whether the Rabbit went offline due to any meddling with the ElevenLabs API. We contacted the hacker team for proof and comment, and we’ll update this story if we hear more.
Tech blogger Ed Zitron has already detailed the company’s transition from working on a crypto metaverse project to its AI device. YouTuber CoffeeZilla also broke down some of the more concerning aspects of the device, including some “serious data privacy concerns” after looking at the Rabbit’s codebase. He mentioned “things malicious actors could use to get access to all the replies the R1 has ever given.”
On the Rabbitude Discord, the team claims they have been working with CoffeeZilla since they accessed that codebase over a month ago. The team further said, “This is real. Rabbit can dance around it all they like, but it is real, and this did happen. They had a month to change the keys, and they didn’t. That’s on them.”