cybersecurity

Hackers Hijack Robovacs to Harass Pets and Owners: A New Cyber Threat

Ecovacs Deebot X2 vacuum being hacked to chase pets and yell slurs.

Ecovacs Deebot X2: Recent Hacking Incident Raises Concerns

In a worrying trend for smart home technology users, several Ecovacs Deebot X2 Omni robotic vacuums were recently hacked across various cities in the United States. This incident involved individuals using the vacuums to chase pets and hurl racial slurs at pet owners. These alarming reports were highlighted by ABC News in Australia, shedding light on the serious implications of compromised smart home devices.

Understanding the Hacking Incident

Multiple owners of Deebot X2 vacuums reported the hacking event occurring in May. One notable case involved Daniel Swenson, a lawyer from Minnesota, who experienced the disturbing event while watching television with his family. He described the sounds coming from the robotic vacuum as akin to "a broken-up radio signal". After taking the initial step of resetting his password and rebooting the device, the vacuum emitted a clear voice, believed to be that of a teenager, yelling racial slurs.

Other Notable Cases

Similar accounts have surfaced from Deebot X2 users in cities such as El Paso and Los Angeles, with the latter situation involving the vacuum antagonizing a dog, demonstrating the bizarre and troubling nature of the hack.

Ecovacs' Response and Security Measures

In response to the hacking incidents, Ecovacs issued a statement acknowledging that they had identified a "credential stuffing event" and blocked the originating IP address associated with the attacks. The company also emphasized that they found no evidence suggesting that any usernames or passwords were compromised by the attackers.

Previous Vulnerabilities Exploited

Adding to the concern, researchers had demonstrated a flaw in the Deebot X2's system last year, allowing unauthorized access bypassing the PIN entry. Ecovacs has claimed to have resolved this vulnerability and indicated plans to enhance overall security with an update slated for November. However, it's still unclear whether this update will address a Bluetooth vulnerability recently exploited by ABC News during their investigative report.

The Bigger Picture: Risks of Smart Home Devices

The proliferation of cloud-connected smart home devices has raised significant security concerns in recent years. Issues such as these can often stem from hacking incidents, compromised user credentials, or problematic software that mistakenly displays another user's camera feed, among other potential security lapses. The persistence of internet connectivity requirements for many smart home gadgets contributes to these vulnerabilities, especially when manufacturers lack simple channels for reporting security faults.

What Users Can Do

  • Change Passwords Regularly: Users should ensure they regularly update their passwords and utilize strong, unique passwords for their devices.
  • Data Privacy Awareness: Remaining vigilant about data privacy and understanding the terms of service of smart devices can help users minimize risks.
  • Monitor Device Activity: Keeping an eye on the activity logs of smart devices can help detect any unusual access or behavior.

Conclusion

The recent hacking of Ecovacs Deebot X2 vacuums emphasizes the critical need for robust security measures within smart home devices. As technology continues to advance, ensuring the safety and privacy of users must remain a top priority for manufacturers. Consumers should remain informed and proactive in securing their devices to mitigate risks in an increasingly connected world.

Reading next

An illustration depicting video authenticity label on YouTube.
Screenshot of YouTube Premium Lite subscription details and pricing.

Leave a comment

All comments are moderated before being published.

This site is protected by hCaptcha and the hCaptcha Privacy Policy and Terms of Service apply.