Associated Incidents
Hackers took control of robot vacuums across the US earlier this year, allegedly making them shout racist obscenities in their owners' homes.
Daniel Swenson, a lawyer based in Minnesota, tells Australia's ABC News that his cleaning robot came into his living room and started shouting yelling in front of his wife and 13-year-old son. He said the voice sounded like a teenager.
The vacuums include remote-viewing features, meaning it may have been possible for the hackers to access their cameras remotely while inside their owners' homes.
Another victim told ABC their dog was chased around their Los Angeles home by a rogue vacuum on May 24—the same day the Minnesota man had his vacuum breached.
The manufacturer, Ecovacs, confirmed that security breaches had occurred in an official statement, but denied its systems were compromised directly. The Chinese company blamed "credential stuffing," where hackers use login details that have been re-used across multiple websites or apps to gain access to a system. For example, a hacker with someone's Instagram password might also try it on Amazon or a bank website to see if it works there, too.
"Ecovacs has always prioritized product and data security, as well as the protection of consumer privacy," it says. "We assure customers that our existing products offer a high level of security in daily life and that consumers can confidently use Ecovacs products."
The firm advised users to use strong, unique passwords and strengthen their Wi-Fi security.
The news comes after cybersecurity researchers Dennis Giese and Braelynn identified a myriad of security vulnerabilities in Ecovacs devices a few months ago. They used one of their robot's Bluetooth connections to take control of the device from a distance of up to 450 feet. Once the device had been compromised via Bluetooth, the hackers could then remotely access the remote from anywhere in the world, provided the robot was connected to a Wi-Fi network.
As TechCrunch reports, the researchers, who presented their findings at this year's Def Con conference, were also able to switch on robots' microphones and cameras remotely during their research to spy on their owners.
Consumers have long been concerned about their smart devices invading their privacy. In 2020, a survey by PCMag found that 68% of respondents think that smart home devices listen to you when you aren't aware, and share the data with the companies who make them.
Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.
This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.
I’m a reporter covering weekend news. Before joining PCMag in 2024, I picked up bylines in BBC News, The Guardian, The Times of London, The Daily Beast, Vice, Slate, Fast Company, The Evening Standard, The i, TechRadar, and Decrypt Media.
I’ve been a PC gamer since you had to install games from multiple CD-ROMs by hand. As a reporter, I’m passionate about the intersection of tech and human lives. I’ve covered everything from crypto scandals to the art world, as well as conspiracy theories, UK politics, and Russia and foreign affairs.