Owners of Ecovacs Deebot X2 robot vacuum cleaners in the US have reported their devices being hacked. Hackers gained access to cameras and remote control capabilities, allowing them to chase pets and shout racist slurs through built-in speakers.
Over the course of several days, hackers gained access to Ecovacs Deebot X2 robot vacuum cleaners in various US cities. They monitored cameras and device movements, chased dogs into homes and used loudspeakers to shout abuse. The vulnerability allowed hackers to gain access via Bluetooth from more than 100 meters away and bypass the PIN code protecting the video camera function.
Ecovacs has confirmed the existence of the vulnerability and released an update to address the issue. However, cybersecurity experts believe that the patch is not effective enough. The company also recorded mass login attempts from a single IP address, which were blocked.
Hacking of IoT devices, such as robot vacuum cleaners, is becoming more common due to insufficient security. In particular, the problem concerns devices connected to the Internet that have cameras and can be controlled remotely.
Ecovacs plans to improve the security of its devices through firmware updates, but owners are also advised to use strong passwords and Wi-Fi protection to increase their own security.