Hacked U.S. robot vacuums are yelling
racial slurs, chasing pets: report
The robots appear to be turning on us, although not in the post-apocalyptic way we’ve long imagined.
Robot vacuum owners in multiple U.S. cities have reported their cleaning machines have been hacked, with one man reporting that his vacuum starting yelling racial slurs at him. A report from the Australian Broadcast Corporation pins a security flaw in the Chinese-made Ecovacs Deebot X2 on the hacks of the widely distributed machines.
Minnesota lawyer Daniel Swenson told the outlet he was watching TV with his family when he noticed something strange happening with his vacuum.
“It sounded like a broken-up radio signal or something,” he told the ABC. “You could hear snippets of maybe a voice.”
When he went to check his Ecovacs app, he could see a stranger messing around with its remote control feature and live camera.
He said he quickly reset his password and rebooted the vacuum before returning to the couch with his wife and teen son. That’s when the real trouble started, with a voice coming through the robot loud and clear.
“F— n——s!” the voice began shouting repeatedly.
TechCrunch reports that Ecovacs are apparently quite easy to hack and it’s been a known issue for quite some time.
An August report from the tech news website said cybersecurity researchers had been analyzing the brand’s security flaws and “found a number of issues that can be abused to hack the robots via Bluetooth and surreptitiously switch on microphones and cameras remotely.”
“Their security was really, really, really, really bad,” researcher Dennis Giese told TechCrunch at the time.
When the outlet reached out to the company for information, an Ecovacs spokesperson said that the company would not fix the flaws found by the researchers, saying that “users can rest assured that they do not need to worry excessively about this.”
According to the ABC report, this recent hacking spree, which took place in May, spanned a few days in multiple U.S. cities, although it is not known how many of the vacuums (which retail for close to C$2,000) have been affected.
The outlet reports that an Ecovacs chased a dog around a Los Angeles home and, five days later, another robot began hurling racial slurs at its owner in El Paso, Texas.
In a statement, Ecovacs said it found no evidence that any owner accounts were hacked and no signs of any breach of Ecovacs’ systems. However, researchers previously demonstrated how the four-digit PIN protecting the device could be bypassed, as it was only checked by the app rather than by the server or the robot.
Ecovacs issued a patch for this flaw, while ABC sources have said it was insufficient.
Nevertheless, the manufacturer has said that it will issue a security upgrade for the owners of the X2 series of robot vacuum cleaners in November.
======================================================================
No comments:
Post a Comment