 "In the case of Ecovacs, hackers reportedly exploited a method known as “credential stuffing,” where old passwords obtained from data breaches on other websites were used to gain access to users’ digital devices. Image Credit: Pexels")
In a string of strange and unsettling incidents, robot vacuum cleaners in several US cities were hijacked by hackers, who used the devices to shout racist obscenities through their onboard speakers. According to an ABC News report, the devices targeted were all Ecovacs Deebot X2 models, known for a critical security vulnerability that made them an easy target for hackers.
Ecovacs, a Chinese company with a somewhat sketchy history of security breaches, found itself at the centre of the chaos. The company’s robot vacuums, which come equipped with cameras and speakers, have apparently been susceptible to cyberattacks for some time. These breaches have allowed hackers to gain control of the devices and use them to spy on their owners or, in this case, shout offensive slurs.
One of the victims, Daniel Swenson, a lawyer from Minnesota, experienced the bizarre attack firsthand. Swenson was quietly watching TV when he noticed his vacuum behaving oddly. He initially thought it sounded like a garbled radio signal.
After resetting the device and changing the password, he hoped the issue was resolved, but the chaos returned. This time, the vacuum began hurling racial slurs at him, as though it had become an irate, malfunctioning robot maid.
Unfortunately, Swenson’s experience wasn’t an isolated incident. Similar reports came from other parts of the US. In Los Angeles, a resident claimed their Deebot X2 started chasing their dog while shouting abusive comments. In El Paso, another device launched into a tirade of racial slurs late at night, terrifying the household.
Despite prior warnings from cybersecurity experts about the vulnerability of Ecovacs’ Deebot X2 model, the company allegedly failed to address the security flaws in time. Hackers reportedly exploited a method known as “credential stuffing,” where old passwords obtained from data breaches on other websites were used to gain access to users’ digital devices.
Impact Shorts
More ShortsThe absurdity of robot vacuums turning into vehicles for hate speech seems almost unbelievable, but given Ecovacs’ poor track record with cybersecurity, this attack has raised serious concerns.
It’s likely that customer support will need to brace themselves for more complaints from users dealing with rogue, offensive vacuums. Swenson noted that customer support believed the hackers had taken advantage of weak security measures, suggesting that the company may not have done enough to protect its users from such attacks.
As the story unfolds, it highlights the growing risks of cybersecurity breaches in smart home devices, which, while convenient, are increasingly becoming gateways for hackers to cause mayhem in unexpected and often disturbing ways.