Description: Hackers reportedly exploited a vulnerability in Ecovacs’s Deebot X2 robot vacuums, gaining unauthorized access to camera and microphone controls. Users reported privacy invasions and offensive language broadcasted through the devices. Although Ecovacs claimed to have resolved the security flaw, researchers suggest vulnerabilities remain that could potentially leave users exposed to surveillance and harassment through their AI-enabled devices.
Editor Notes: Reconstructing the timeline of events: (1) December 2023: Cybersecurity researchers Dennis Giese and Braelynn Luedtke reportedly reveal a security flaw in Ecovacs Deebot X2 at a hacking conference. The flaw, they claim, involves an insecure PIN system and Bluetooth vulnerability, and was reported to Ecovacs prior to going public. (2) May 24, 2024: Minnesota lawyer Daniel Swenson’s Deebot X2 is reported to have been hacked, allegedly emitting racial slurs and controlled remotely in his home. The same day, another hacked Deebot X2 reportedly chases a dog in Los Angeles while allegedly projecting offensive language. (3) May 29, 2024: In El Paso, Texas, another Deebot X2 is reported to have been hacked, allegedly yelling obscenities at the owner until unplugged. (4) October 10, 2024: An ABC Australia report presents confirmation of the hackability of the Deebot X2 and explaining the ongoing risk posed by the security flaws. Ecovacs responds to the incidents and attributes them to credential stuffing and denying a system breach. Ecovacs promises a security upgrade for the X2 series in November 2024. The Ecovacs statement can be read here: https://live-production.wcms.abc-cdn.net.au/d22cf5c9f95808b90a58ccae58a05b76.
Entités
Voir toutes les entitésPrésumé : un système d'IA développé par Ecovacs et mis en œuvre par Ecovacs Deebot X2 and Ecovacs, endommagé Ecovacs customers , Ecovacs Deebot X2 users and Daniel Swenson.
Statistiques d'incidents
ID
842
Nombre de rapports
2
Date de l'incident
2024-05-24
Editeurs
Daniel Atherton
Rapports d'incidents
Chronologie du rapport
abc.net.au · 2024
- Afficher le rapport d'origine à sa source
- Voir le rapport sur l'Archive d'Internet
translated-fr-Robot vacuums in multiple US cities were hacked in the space of a few days, with the attacker physically controlling them and yelling obscenities through their onboard speakers.
The affected robots were all Chinese-made Ecovac…
futurism.com · 2024
- Afficher le rapport d'origine à sa source
- Voir le rapport sur l'Archive d'Internet
translated-fr-Hackers were able to gain control of camera-equipped robot vacuums around the United States — and at least one of them forced the cleaning robots to yell racist obscenities.
As ABC Australia reports, owners of Ecovacs' Deebot …
Variantes
Une "Variante" est un incident qui partage les mêmes facteurs de causalité, produit des dommages similaires et implique les mêmes systèmes intelligents qu'un incident d'IA connu. Plutôt que d'indexer les variantes comme des incidents entièrement distincts, nous listons les variations d'incidents sous le premier incident similaire soumis à la base de données. Contrairement aux autres types de soumission à la base de données des incidents, les variantes ne sont pas tenues d'avoir des rapports en preuve externes à la base de données des incidents. En savoir plus sur le document de recherche.
Incidents similaires
Did our AI mess up? Flag the unrelated incidents
Incidents similaires
Did our AI mess up? Flag the unrelated incidents