Robot posts across the country were hacked in a matter of days, according to the report ABC News. This allowed the attackers to not only control the robovacs, but use their speakers to hurl racial slurs and abusive comments at anyone nearby.
All the affected robots were the same model, Ecovacs Deebot X2s made in China. This robovac has developed a reputation for being easy to hack, thanks to a critical security flaw. ABC Newsfor example, it was able to fully control one of the robots, including the camera.
Another victim of this week’s robbery was a Minnesota attorney named Daniel Swenson. He told ABC that he was watching TV when the robot started making strange noises, like “a broken radio signal or something.” Through the app, Swenson could see that a stranger was accessing the live camera feed and the remote control feature.
He reset the password and restarted the vacuum, but that’s where the miracle really began. Soon it started to move again on its own and the speakers started to emit a human voice. This voice was shouting racist obscenities in front of Swenson’s son.
“I got the impression that I was still a child, maybe a teenager,” Swenson said. “Perhaps they were just jumping from machine to machine and messing with families.” In the end, he said it could have been worse, like a vacuum that silenced his family for days on end.
Swenson’s device was hacked on May 24. The same day another Deebot X2 in Los Angeles began chasing the dog. The speakers of this space also shouted obscenities. Five days later, a similar incident occurred in El Paso. It is not clear how much of the company’s equipment was stolen in total.
At the root of this issue is a security flaw that allows rogue players to bypass the four-digit security PIN required to gain control of the space. This issue first appeared in December 2023. The Bluetooth connector also has a feature that allows full access from 300 feet away. However, the attacks have occurred across the country, so a Bluetooth vulnerability is an unlikely case.
In accordance with Gizmodothe company has developed a patch to eliminate the security flaw mentioned above which will be launched in November. We reached out to Ecovacs for confirmation on this.
Source link