Page Loader
Home / News / Technology News / Hackers hijack Ecovacs robotic vacuums to harass pets and owners
Summarize
Hackers hijack Ecovacs robotic vacuums to harass pets and owners
The robotic vacuums hurled racial slurs at the owners, chased pets

Hackers hijack Ecovacs robotic vacuums to harass pets and owners

By Akash Pandey
Oct 13, 2024
12:07 pm
What's the story

Earlier this year, hackers targeted Ecovacs Deebot X2 Omni robotic vacuums in a number of US cities. The perpetrators used these devices to harass pets and hurl racial slurs at their owners, ABC News Australia reported. Several Deebot X2 owners reported incidents of their devices being compromised in May. One such victim was Daniel Swenson, a Minnesota-based lawyer who heard strange noises from his robot's speaker while watching TV with his family.

Pet harassment

Robotic vacuums used to antagonize pets

Swenson described the noise as "like a broken-up radio signal or something." After resetting his password and rebooting the robot, he said it started again. But this time the sound was clearly a voice — which he guessed belonged to a teenager — yelling slurs. Similar incidents were reported by owners in El Paso and Los Angeles. In one case, an individual used a Deebot to antagonize a dog by shouting at it and chasing it around.

Company response

Ecovacs responds to hacking incidents

In the wake of these incidents, Ecovacs has recently released a statement to ABC News saying it had "identified a credential stuffing event" and blocked the originating IP address. The company also assured it "found no evidence" of usernames and passwords being collected by the attacker. Last year, researchers had exposed a flaw that let them bypass the Deebot X2's PIN entry and gain access to the vacuum.

Security upgrade

Plan to enhance security measures

Ecovacs confirmed in its statement that it has resolved the PIN bypass issue. The company also announced plans to "further enhance security" with an update scheduled for November. However, it remains unclear whether this update will address a Bluetooth vulnerability that ABC News exploited for a report earlier this month. The incident highlights the potential risks of cloud-connected smart home devices, which often require a persistent internet connection to function and may be vulnerable to hacks or compromised credentials.