Description: Hackers reportedly exploited a vulnerability in Ecovacs’s Deebot X2 robot vacuums, gaining unauthorized access to camera and microphone controls. Users reported privacy invasions and offensive language broadcasted through the devices. Although Ecovacs claimed to have resolved the security flaw, researchers suggest vulnerabilities remain that could potentially leave users exposed to surveillance and harassment through their AI-enabled devices.
Editor Notes: Reconstructing the timeline of events: (1) December 2023: Cybersecurity researchers Dennis Giese and Braelynn Luedtke reportedly reveal a security flaw in Ecovacs Deebot X2 at a hacking conference. The flaw, they claim, involves an insecure PIN system and Bluetooth vulnerability, and was reported to Ecovacs prior to going public. (2) May 24, 2024: Minnesota lawyer Daniel Swenson’s Deebot X2 is reported to have been hacked, allegedly emitting racial slurs and controlled remotely in his home. The same day, another hacked Deebot X2 reportedly chases a dog in Los Angeles while allegedly projecting offensive language. (3) May 29, 2024: In El Paso, Texas, another Deebot X2 is reported to have been hacked, allegedly yelling obscenities at the owner until unplugged. (4) October 10, 2024: An ABC Australia report presents confirmation of the hackability of the Deebot X2 and explaining the ongoing risk posed by the security flaws. Ecovacs responds to the incidents and attributes them to credential stuffing and denying a system breach. Ecovacs promises a security upgrade for the X2 series in November 2024. The Ecovacs statement can be read here: https://live-production.wcms.abc-cdn.net.au/d22cf5c9f95808b90a58ccae58a05b76.
推定: Ecovacsが開発し、Ecovacs Deebot X2 と Ecovacsが提供したAIシステムで、Ecovacs customers , Ecovacs Deebot X2 users と Daniel Swensonに影響を与えた
インシデントのステータス
インシデントID
842
レポート数
2
インシデント発生日
2024-05-24
エディタ
Daniel Atherton
インシデントレポート
レポートタイムライン
abc.net.au · 2024
- 情報源として元のレポートを表示
- インターネットアーカイブでレポートを表示
translated-ja-Robot vacuums in multiple US cities were hacked in the space of a few days, with the attacker physically controlling them and yelling obscenities through their onboard speakers.
The affected robots were all Chinese-made Ecovac…
futurism.com · 2024
- 情報源として元のレポートを表示
- インターネットアーカイブでレポートを表示
translated-ja-Hackers were able to gain control of camera-equipped robot vacuums around the United States — and at least one of them forced the cleaning robots to yell racist obscenities.
As ABC Australia reports, owners of Ecovacs' Deebot …
バリアント
「バリアント」は既存のAIインシデントと同じ原因要素を共有し、同様な被害を引き起こし、同じ知的システムを含んだインシデントです。バリアントは完全に独立したインシデントとしてインデックスするのではなく、データベースに最初に投稿された同様なインシデントの元にインシデントのバリエーションとして一覧します。インシデントデータベースの他の投稿タイプとは違い、バリアントではインシデントデータベース以外の根拠のレポートは要求されません。詳細についてはこの研究論文を参照してください
よく似たインシデント
Did our AI mess up? Flag the unrelated incidents
よく似たインシデント
Did our AI mess up? Flag the unrelated incidents