https://www.malwarebytes.com/blog/news/2024/10/robot-vacuum-cleaners-hacked-to-spy-on-insult-owners

Exploits and vulnerabilities | News

Robot vacuum cleaners hacked to spy on, insult owners

Posted: October 14, 2024 by Pieter Arntz

Multiple robot vacuum cleaners in the US were hacked to yell obscenities and insults through the onboard speakers.

ABC News was able to confirm reports of this hack in Ecovacs Deebot X2 robot vacuum cleaners, which are manufactured in China. Ecovacs is considered the leading service robotics brand, and is a market leader in robot vacuums.

One of the victims, Minnesota lawyer Daniel Swenson, said he heard sound snippets that seemed similar to a voice coming from his vacuum cleaner. Through the Ecovacs app, he then saw someone not in his household accessing the live camera feed of the vacuum, as well as the remote control feature.

Thinking it was a glitch, he rebooted the vacuum cleaner and reset the password, just to be on the safe side. But that didn't help for long. Almost instantly, the vacuum cleaner started to move again. Only this time, the voice coming from the vacuum cleaner was loud and clear, and it was yelling racist obscenities at Swenson and his family. The voice sounded like a teenager, according to Swenson.

Swenson said he turned off the vacuum and dumped it in the garage, never to be turned on again.

While this may seem bad enough as it is, it could have been much worse. What if the hackers had decided to keep quiet and just spy on the victim's family? In 2020 we talked about such an occurrence in our Lock & Code podcast, where a photo taken by a Roomba vacuum cleaner of a woman sitting on a toilet was shared on Facebook.

Within a few days, various similar incidents involving the Ecovacs Deebot X2 were reported in the US. And, even though Swenson had several communications with a US representative of Ecovacs, the response didn't explain what had happened.

The Ecovacs representative claimed the victim's credentials must have been acquired by the hacker and used in a credential stuffing attack, where the attacker uses login information obtained in breaches on other sites to log in to another one, in this case Ecovacs.

But that did not make sense, because even with a valid password the attacker shouldn't have been able to access the video feed or to control the robot remotely. These features are supposed to be protected by a four-digit PIN.

In 2023, however, two security researchers showed a method to bypass that protection. The weakness of the PIN protection is that the app is the only place where the PIN is checked, not on the server or by the robot itself. So, if you have control of the device with the app on it and the necessary technical knowledge, you can have the device send a signal to the server which claims that you have entered the correct PIN.

And though Ecovacs claimed to have fixed this flaw, one of the hackers who disclosed the flaw said it had been fixed insufficiently.

The same Ecovacs spokesperson said the company "sent a prompt email" instructing customers to change their passwords following the incident. However, Swenson says he never received any communication about the issue with the PIN codes, even though he specifically asked if it had happened to other people.
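
The PIN weakness described above, as an added example that is not code from the article, from the researchers or from Ecovacs: a server that trusts the app's claim that the PIN was entered, beside one that checks the PIN itself and caps the number of guesses. The request fields (`pin_verified`, `pin`, `action`), the `Device` class and the attempt limit are hypothetical.

```python
import hashlib
import hmac
import os

MAX_ATTEMPTS = 5  # a four-digit PIN has only 10,000 values, so cap the guesses


class Device:
    """Server-side record for one robot (hypothetical model)."""

    def __init__(self, pin):
        self.salt = os.urandom(16)
        self.pin_hash = self.hash_pin(pin)
        self.failed = 0

    def hash_pin(self, pin):
        return hashlib.pbkdf2_hmac("sha256", pin.encode(), self.salt, 100_000)


def weak_authorize(device, request):
    # Flawed design: the app checked the PIN, the server believes the claim.
    return request.get("pin_verified") is True


def hardened_authorize(device, request):
    # Any client-side claim is ignored; the server checks the PIN itself.
    if device.failed >= MAX_ATTEMPTS:
        return False  # locked until the owner resets the PIN another way
    pin = request.get("pin")
    ok = isinstance(pin, str) and hmac.compare_digest(
        device.hash_pin(pin), device.pin_hash)
    device.failed = 0 if ok else device.failed + 1
    return ok


def demo():
    dev = Device("4821")  # constructed sample PIN
    forged = {"action": "live_video", "pin_verified": True}  # constructed request
    honest = {"action": "live_video", "pin": "4821"}
    return (weak_authorize(dev, forged),
            hardened_authorize(dev, forged),
            hardened_authorize(dev, honest))


if __name__ == "__main__":
    print(demo())
```

The same check belongs on the robot as well if it accepts commands directly, since the article notes that neither the server nor the robot verified the PIN.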

Ecovacs told ABC News it would issue a security upgrade for owners of its X2 series in November. Until that happens, you might want to do the same as Swenson and turn the vacuum off.