Skip to content

Rabbit R1 security flaw allows hackers to access all responses

  • by
  • 3 min read

Rabbit, the company behind the AI-powered Rabbit R1 gadget, has left critical API keys hardcoded and exposed within its code. These keys would have granted hackers access to a range of services, including the ability to view and download all R1 responses ever given and use services like text-to-speech and email as if they were the company.

A group of jailbreakers and reverse engineers called Rabbitude first exposed this vulnerability. They gained access to Rabbit’s internal admin email addresses and verified their access by sending emails to 404 Media.

This latest revelation, disclosed on Rabbitude’s website, adds to the issues plaguing the device, which essentially operates as an Android app utilising off-the-shelf APIs such as ElevenLabs for text-to-speech functionalities.

“On May 16, 2024, the Rabbitude team gained access to the rabbit codebase and found several critical hardcoded API keys in its code,” said Rabbitude researchers. These keys allow anyone to: read every response R1 has ever given, including ones containing personal information, brick all R1s, alter the responses of all R1s, and replace every R1’s voice.”

Rabbit R1’s exposed API keys were discovered for several services, including ElevenLabs, Microsoft Azure, Yelp, Google Maps, and SendGrid, Rabbit’s email provider.

According to Rabbitude, Rabbit had been aware of the exposure of the ElevenLabs API key for a month but had taken no action to rotate the keys until the community made the issue public.

As per Rabbitude, Rabbit knew about the flaw for weeks but didn’t rotate the keys.

These keys are quite sensitive and are like special passwords that let the device use different services, like making the AI speak or send emails. The problem is that anyone who found these keys could use them to access these services as if they were the company itself.

As per a Rabbitude member, Emily, the keys should be injected at runtime rather than hardcoded. She pointed out that Rabbit’s use of containerised deployments managed by Kubernetes should have made it straightforward to manage these secrets securely.

In response to the disclosure, Rabbit said, “Today we were made aware of an alleged data breach. Our security team immediately began investigating. As of right now, we are not aware of any customer data being leaked or any compromise to our systems. If we learn of any other relevant information, we will provide an update once we have more details.”

Despite Rabbit’s assurances, Rabbitude confirmed that Rabit rotated the ElevenLabs API key on Tuesday, shortly after their blog post went live, causing a temporary disruption in service for some users.

Following this, Rabbit created a security page on its website and reiterated its commitment to investigating the breach.

“On June 25, 2024, we were notified that a third party may have had access to working API keys for multiple SaaS providers used by Rabbit to provide services to our customers; based on this notice, the Rabbit security team rotated the keys to those APIs, which caused a brief downtime on the devices,” says the security page. “Our team is continuing our investigation. As of today, we have not found there to be any compromise of our critical systems or of the safety of customer data.”

In the News: Google Sheets gets better calculation speeds, Gemini and more

Kumar Hemant

Kumar Hemant

Deputy Editor at Candid.Technology. Hemant writes at the intersection of tech and culture and has a keen interest in science, social issues and international relations. You can contact him here: