SecureWorld News

Hacked Robot Vacuums Hurl Racial Slurs, Show IoT Devices Risks

Written by Cam Sivesind | Wed | Oct 16, 2024 | 10:26 PM Z

What did the robot vacuum say to its homeowner? You suck.

All kidding aside, in a bizarre turn of events, owners of robot vacuums across the U.S. have reported that their devices have been hacked. One particularly alarming case involved a man whose Ecovacs Deebot X2 began yelling racial slurs at him.

The incidents appear to be linked to a security vulnerability in the Chinese-made Ecovacs Deebot X2 model, according to a report by the Australian Broadcast Corporation. The flaw has exposed the widely distributed smart vacuums to manipulation by bad actors, raising concerns about the cybersecurity of internet-connected home devices.

Minnesota lawyer Daniel Swenson told ABC that he initially thought his Chinese-made robot vacuum was malfunctioning when he began to hear weird sounds coming from it. He shockingly discovered someone else was accessing its camera and remote control settings.

Swenson reset the vacuum's password, only for it to begin zooming around and yelling the N-word repeatedly, all within earshot of one of his children. He turned the robot vacuum off and never turned it back on.

Later, he realized that despite the vile language, the hack could've been much worse. The Ecovac had been in use on the same floor as his family's master bathroom, and the hackers could easily have seen something they weren't supposed to.

"I just thought of it catching my kids or even me," Swenson said, "you know, not dressed."

Back in 2017, SecureWorld News reported that cybersecurity researchers took control of an LG 'Smart' vacuum and spied on the home through the device's camera. The video is unnerving.

The breaches underscore the growing threat of vulnerabilities in IoT (Internet of Things) devices. With the increasing adoption of smart home technologies, ensuring robust security measures for such devices is crucial to prevent hackers from gaining control or accessing private information.

Smart home users should stay vigilant, update device software regularly, and implement network security best practices to mitigate risks.

As the investigation continues, Ecovacs is expected to address these security concerns to safeguard their users from further incidents.

A January 2024 blog on ToolingIdeas.com provides a comprehensive rundown of the risks of IoT devices, particularly robot vacuums. The key takeaways: "Yes, robot vacuums can be hacked if they are connected to the internet. Hackers can gain access to the device's software and manipulate its functionality, such as accessing the camera or microphone, collecting personal data, or controlling its movements. It's important to use strong, unique passwords and regularly update the device's software to mitigate the risk of hacking."

[RELATED] Cyberattacks on home networks are getting more advanced, as reported on by SecureWorld News last fall. Homeowners are putting their personal data and privacy—and that of the organizations for which they work—at risk. The article provides comprehensive guidelines of how to defend against targeted cyberattacks when employees' personal devices, even those not used for work, are under threat.

Now suck on that, Mr. Robot Vacuum.