
Hackers assert they possess unauthorized access to a vast trove of Rabbit R1 user data.

A small group of developers alleges persistent vulnerabilities in Rabbit's security, while Rabbit denies any knowledge of a breach.


Revised Version

June 26, 2024 – 12:50 PM Update:

Rabbitude, a hacker and developer collective, has raised alarm bells once again about the Rabbit R1, the AI gadget touted as a personal companion. In a surprising twist, they've claimed not just access to users' AI responses and voice models through the revoked ElevenLabs API key, but also Rabbit's internal messaging service.

On their site, Rabbitude detailed that Rabbit revoked the ElevenLabs API key, but the revocation was poorly executed and temporarily bricked some users' devices. However, they didn't stop there. Rabbitude revealed another hardcoded API key, this time for Sendgrid, the email service supporting the r1.rabbit.tech subdomain. This domain, according to Rabbitude, stores sensitive user data in spreadsheets.

An email alleged to be from – used for press announcements – was shared with Gizmodo by one of Rabbitude's developers, hinting at a potential breach. Additional emails were sent to Jason Koebler at 404 Media, whose email was previously used for sharing press announcement details with journalists.

Rabbit responded with a security blog post, stating that it was informed of a third-party gaining access to various API keys used by Rabbit. Rotating these keys reportedly caused a brief downtime on the devices, seemingly confirming Rabbitude's comments. Rabbit has yet to address the alleged Sendgrid API access.

Given these developments, it's advisable to hold off on using a Rabbit R1 until Rabbit provides clear insights into its internal security measures. The initial flaws and cloud dependency issues have already left the device incapacitated during an ElevenLabs outage.

In its original form, the Rabbit R1 promised to be your go-to AI companion. Unfortunately, it fell short, with white-hat hackers Rabbitude claiming they've had control over its codebase API keys for over a month. This gave them access to all the Rabbit's responses, including sensitive information offered to the AI.

Rabbitude obtained API keys for various services, such as Google Maps and Yelp, which provided the AI with access to local reviews and directions. They also gained access to the ElevenLabs key used for text-to-speech, allowing them to view the history of all past text-to-speech messages and potentially brick the device by erasing the voices.

After exposing their findings on May 16, from Rabbitude claimed that ElevenLabs temporarily revoked the ElevenLabs API key, which also disabled all Rabbit devices for a time before it was restored. This move, according to , was known to Rabbit but ignored.

Gizmodo reached out to Rabbit for comment but has yet to hear back. The company told Engadget that it was aware of the alleged breach, but there was no indication of any data being leaked or system compromise. Gizmodo asked Rabbit if it plans to revoke any additional API keys, and we'll update this article if more information becomes available.

Last month, a ChatGPT outage rendered the Rabbit R1 unusable due to its heavy reliance on cloud services. Gizmodo could not independently verify whether this disruption was caused by meddling with the ElevenLabs API, and the Rabbitude team provided no evidence to support this claim.

Tech blogger Ed Zitron chronicled Rabbit's transformation from a crypto metaverse project to an AI device. YouTuber CoffeeZilla delved into the device's concerning aspects, citing "potential data privacy issues" due to the device's codebase, which might allow malicious actors to access the AI's past responses.

The Rabbitude Discord supposedly collaborated with CoffeeZilla since gaining access to the Rabbit's codebase over a month ago. The team further stated, "This isn't a hoax; Rabbit may downplay it, but the breach did happen."

  1. Rabbitude's concerns about the Rabbit R1 extend to the future, as they claim hackers have control over the device's codebase API keys and access to sensitive information like emails sent via Sendgrid.
  2. Hackers, including Rabbitude, have obtained API keys for various services connected to the Rabbit R1, such as Google Maps and Yelp, allowing them to access local reviews and directions.
  3. In light of these findings, it's questionable whether tech companies should continue using services like SendGrid, especially when they're hardcoded into products like the Rabbit R1.
  4. The ongoing saga between Rabbit and white-hat hackers like Rabbitude highlights the importance of companies resetting and securing their API keys, not just for the Rabbit R1, but for all technology products that rely on cloud services.