Robot vacuum cleaners shout racist insults and chase animals after cyberattack
A malicious actor hacked robot vacuum cleaners into American homes, forcing them to torment their pets and shout racist slurs.
According to a ABC report, the hacker took remote control of several Ecovacs Deebot X2s before using its live camera feed and remote control feature to wreak havoc on device owners.
Although a user spoke with the ABC Upon restarting the device and resetting its password, the robot vacuum continued to cause problems.
“I felt like it was a child, maybe a teenager,” the owner said while chatting with him.he ABC. “Maybe they were just jumping from one device to another, annoying the families.”
The owner said his main concern was the device’s ability to be used for surveillance and spying, and he feared he could watch himself or his family undress. The problem was only resolved when the unit was turned off and then put away in the garage.
The ABC reported another user whose Deebot
It is currently unknown how many devices were affected.
Earlier this month (October 4), the ABC proved that the Deebot X2 had a security vulnerability by hacking into one and taking control of the video feed.
As with illegally hacked devices in the United States, the vacuum failed to trigger the alarm that alerts the owner that the camera is in use.
Similarly, security researchers previously told Ecovacs that its devices had security flaws, including one that allowed bad actors to take control of it through the Bluetooth connector from more than 100 meters away. The other demonstrated that the PIN system for accessing the video stream and the remote control was defective.
While Ecovacs fixed the problem, sources speaking with the ABC said they were insufficient.
Ecovacs reportedly released a firmware update in November to further strengthen security in response to the is ABC results.
“Ecovacs respects the practice of security experts identifying potential vulnerabilities through research and proactively sharing their findings with businesses. We believe that the interaction between security experts and companies, through offensive and defensive testing and publication of results, contributes to improving product security,” he said in a statement.
“Ecovacs has always prioritized product and data security, as well as the protection of consumer privacy. We assure our customers that our existing products provide a high level of safety in everyday life and that consumers can use Ecovacs products with confidence.
“We have improved the Ecovacs X2 Remote Live Video PIN bypass issue in August 2024. Only the X2 series has this vulnerability, which will be fixed in November via an OTA firmware update. No other Ecovacs models are affected.