Robot vacuums across the country were hacked in the space of several days, according to reporting by ABC News. This allowed the attackers to not only control the robovacs, but use their speakers to hurl racial slurs and abusive comments at anyone nearby.
All of the affected robots were of the same make and model, the Chinese-made Ecovacs Deebot X2s. This particular robovac has developed a reputation for being easy to hack, thanks to a critical security flaw. ABC News, for instance, was able to get full control over one of the robots, including the camera.
One victim of this weekâs hacks was a Minnesota lawyer named Daniel Swenson. He told ABC that he was watching TV when the robot started making weird noises, like âa broken-up radio signal or something.â Through the app, Swenson could tell that a stranger was accessing the live camera feed and the remote control feature.
He reset the password and rebooted the vacuum, but thatâs when the weirdness really started. It immediately started moving again of its own accord and the speakers began emitting a human voice. This voice was yelling racist obscenities right in front of Swensonâs son.
“I got the impression it was a kid, maybe a teenager,” said Swenson. “Maybe they were just jumping from device to device messing with families.” Ultimately, he said it could have been worse, such as if the vacuum silently spied on his family for days on end.
Swensonâs device was hacked on May 24. That same day another Deebot X2s in Los Angeles began chasing around a dog. This vacuumâs speakers also shouted abusive comments. Five days later, a similar incident happened in El Paso. It remains unclear how many of the companyâs devices have been hacked in total.
At the root of this issue is a security flaw that allows bad faith actors to bypass the required four-digit security PIN in order to gain control of the vacuum. This issue originally came to light in December 2023. The Bluetooth connector also has a flaw that allows for complete access from up to 300 feet away. However, the attacks occurred throughout the country, so the Bluetooth vulnerability is an unlikely culprit.
According to Gizmodo, the company has developed a patch to eliminate the aforementioned security flaw thatâll roll out sometime in November. We reached out to Ecovacs to get a confirmation on this.
EMEA Tribune is not involved in this news article, it is taken from our partners and or from the News Agencies. Copyright and Credit go to the News Agencies, email news@emeatribune.com Follow our WhatsApp verified Channel
