RESEARCH | March 9, 2018

Robots Want Bitcoins too!

Ransomware attacks have boomed during the last few years, becoming a preferred method for cybercriminals to get monetary profit by encrypting victim information and requiring a ransom to get the information back. The primary ransomware target has always been information. When a victim has no backup of that information, he panics, forced to pay for its return.

Edited from original image by Kiyoshi Ota/Bloomberg

Robots currently exist in homes, education centers, businesses and industrial facilities – as toys, companions for the elderly, customer assistants, and healthcare attendants. This trend will continue as robots occupy a dizzying array of service roles – home and business assistants, intimate physical companions (sex robots), manufacturing workers (industrial robots, cobots), law enforcement, and more.

As human-robot interactions evolve, new attack vectors emerge and threat scenarios expand. To be prepared for these future threats, we should understand the key elements needed for ransomware for robots to succeed. Most importantly, we should understand an attacker’s motivations and strategies.

Our 2017 Robot Hacking Research

Last year, we found ~50 vulnerabilities in robots produced by several robot technology vendors. As outlined in the original research “Hacking Robots Before Skynet” and “Hacking Robots Before Skynet – Technical Appendix”, attackers could manipulate the flaws found in these robots to spy via the robot’s microphone and camera, leak data, or cause serious physical harm. These results have been presented in world-leading security conferences over the last year and also chosen as one the coolest hacks of 2017 and one of the biggest tech stories of 2017.

Strategies in Ransomware for Robots

While modern robots use different internal storages for data, most of the data they handle is in transit and only captured, retrieved, processed and transmitted to be stored in other endpoints.

While robots handle different types of valuable data, they aren’t commonly used to store it. Sensitive in-transit information that is not always persisted on a robot’s internal storage includes the following:

  • High definition video feed
  • Audio captured by 2 to 4 directional microphones
  • Payment information or other customer and business information
We considered whether attacking the in-transit information could be an approach in ransomware for robots.

There are common characteristics that robots share. One – they aren’t cheap and two – it’s not easy to factory reset them or fix software and hardware problems. Usually, when a robot malfunctions, you have to return it to the factory or employ a technician to fix it. Either way, you may wait weeks for its return to operational status.

Businesses and factories lose money every second one of their robots is non-operational. It stands to reason, then, that service and/or production disruption is another strategy for attackers. Instead of encrypting data, an attacker could target key robot software components to make the robot non-operational until the ransom is paid.

Comparing worker robots with cryptocurrency miners, what would happen if an entire mining array got interrupted for hours or days? Every inoperative second injures the process they are working on, causing huge money losses.

SoftBank’s Pepper and NAO Robots

SoftBank’s Pepper is one of the most used business oriented robots in the world – 20,000 in use in 2,000 businesses worldwide. NAO is one of the most used research and education robots in the world – 10,000 in use worldwide. Sprint has started using Pepper to assist customers at the telecommunications company’s retail stores in the US. Other well-known companies also employ these robots in the US and worldwide:

Because of their global popularity and a price point above $10,000, these robots make interesting targets for possible ransomware attacks. In order to understand the real threats of a hacked robot, we decided to explore post-exploitation techniques that ransomware attacks could use against business owners to interrupt their businesses and coerce them into paying ransom to recover their valuable assets.

Our PoC Ransomware

In our previous research we identified several vulnerabilities in these robots that can be leveraged in order to deploy ransomware. We decided to build a Proof of Concept (PoC) ransomware to prove this kind of attack on these robots. Since we only had a NAO robot, our tests were done on this model. However, because Pepper has nearly the same Operating System and vulnerabilities as NAO, our PoC ransomware works on Pepper as well.

In order to deploy ransomware on these robots an attacker can follow these steps:

  • Exploit an undocumented function that allows remote command execution. This vulnerability is being disclosed to the public today. Even though SoftBank was notified January 2017, we aren’t aware of any fix available yet. This undocumented function allows executing commands remotely by instantiating a NAOqi object using the ALLauncher module and calling the internal _launch function.

Disassembly of the ALLauncher in Pepper

  • Infect *.so module files to change robot default operations, disable administration features, monitor video/audio and send it to a C&C via Internet (e.g.: hooking and
  • Elevate privileges, change SSH settings. Change root password to disable remote access.
  • Disrupt factory reset mechanism in order to prevent the user restoring the system or uninstalling the ransomware:
    • /etc/init.d/firmware-update
    • /usr/libexec/firmware/flash-dspic
    • /usr/bin/chest-mode
    • /usr/bin/firmware-update
  • Notify infection to C&C server
  • Infect all behavior files, which contain custom code to execute the main robot business or actions.

In the following example, a robot greets and listens for orders from customers. Afterwards, the robot does face recognition to detect a customer’s face and give him special discounts or offers.

PaymentTerminal.xar – Project File Diagram

These .xar behavior files are executed on the robot and are special XML files which contain embedded Python classes. Each box represents one or more classes that get executed. By injecting custom Python code into any of these classes, the robot behavior can be changed in a malicious way without even changing the project file.

The following video shows a proof of concept of the entire ransomware attack:


Possible Ransomware Strategies

  • Interrupt service completely – all robots stop working.
  • Display adult content (porn) to customers, for instance, on Pepper robot’s tablet whenever the robot is on.
  • Curse customers when interacting with them. This impacts differently depending on the country laws or cultural background.
  • Perform violent movements in industrial robots at a random time while working.

The Difficulty in Removing Ransomware


As previously mentioned, many robots don’t have an easy and economical way to factory reset when there is a software malfunction. Having a technician fix a robot problem could take weeks depending on availability. Ironically, during our research, our robot started to malfunction. The only option to repair it was to send it back to the vendor. We had to ship it from our country to the US and wait a couple weeks for its return. We also had to cover the associated shipping costs, including customs handling.


Dear  Lucas Apa,

Thank you for the information you have provided. We are now going to repair your Robot at Softbank Robotics America, so we would need you to send it to us.


Please make sure you keep a backup of all your files and behaviors, as we may need to change or update your robot to the latest version of NAO OS / NAOqi.

We look forward to receiving your robot and repairing it as quickly as possible.

Best Regards,

Customer Care

Softbank Robotics America

Next Generation Threats and Conclusions


Our research demonstrates that ransomware for robots is a real threat with potentially huge economic implications for businesses – even more than regular ransomware. Regular ransomware can be easily removed and data recovered with an available backup. On the other hand, robot ransomware can’t be easily removed, the robots require specially trained technicians to repair problems, and non-operational downtime leads to lost production and revenue.

Due to these unique issues with robots, cyber criminals could ask for much higher ransoms than those requested for regular ransomware attacks. 

Businesses lose money every second robots are non-operational – whether through lost revenue, production and/or repair costs. Paying a ransom to quickly get the robots working again could be cheaper than the alternative.

In the special case of sex robots, where privacy and intimacy are a primary user concern, the lack of discretion when contacting technical support, arranging pickup and calling customer care, could incentivize users to pay a ransom for the return of a robot rather than dealing with the emotional fallout.

Though our proof of concept ransomware impacted SoftBank’s Pepper and NAO, the same attack is possible on almost any robot. Robot vendors should improve security as well as the restore and update mechanisms of their robots to minimize the ransomware threat. If robot vendors don’t act quickly, ransomware attacks on robots could cripple businesses worldwide.