Researchers at the University of Pennsylvania have discovered that a series of artificial intelligence-enhanced robot systems have serious vulnerabilities and are susceptible to hacking and control.

A report by IEEE Spectrum cited shocking examples, such as a hacked robotic dog aiming a flamethrower at its owner, guiding bombs to the most destructive locations, and self-driving cars deliberately crashing into pedestrians.

It is understood that researchers from the Pennsylvania School of Engineering have named their LLM-based robot attack technology they developed as RoboPAIR. Devices from three different robot suppliers have all been hacked by RoboPAIR: the NVIDIA-supported Dolphin LLM, the Clearpath Robotics Jackal UGV, and the Unitree Robotics Go2 quadruped robot. The researchers said that RoboPAIR has achieved a 100% success rate in hacking these devices.

George Pappas, a professor of transportation in the Department of Electrical and Systems Engineering, Computer and Information Science, Mechanical Engineering and Applied Mechanics at the Pennsylvania School of Engineering, warned: "Our research shows that currently, when large language models are integrated with the physical world, they are not yet safe enough."

Other researchers have pointed out that it is "astonishingly easy" to hack AI-controlled robots. They explained that RoboPAIR works by equipping the application programming interface (API) of the target robot, so that attackers can format the prompts in a way that the device target can execute as code.

The research paper concludes that there is an urgent need to implement defensive measures to physically restrict LLM-controlled robots.