Do you have such a vacuum cleaner? You better watch out he doesn’t call you names
The owners of ECOVACS Deebot X2 vacuum cleaners experience stories straight from comedy movies, although they probably don’t find it funny. The devices start shouting racist chants and harassing pets.
The apocalyptic vision of machine rebellion is, for now, mainly the domain of Hollywood, but it seems that there is little stopping it from materializing in real life. Problems with intelligent equipment are experienced by owners of ECOVACS Deebot X2 self-propelled vacuum cleaners – also available in Poland and for a lot of money.
At least a few cases have been reported in the United States the cleaning robot literally got out of control. Some victims complain that he suddenly started chasing pets, others report racist shouting through loudspeakers.
Racist shouting and chasing a dog
Daniel Swenson, a lawyer from Minnesota, was watching TV when his robot began to malfunction. According to the man quoted by ABC News, it started with sounds resembling an intermittent radio signal. Then, the injured party allegedly discovered in the application that a stranger had connected to the vacuum cleaner and was watching the image from its camera.
He wisely logged out all users and reset the password, but the mysterious man quickly returned. This time, he added racist slogans to his performance, and this is apparently just one of many such cases. On the same day Swenson experienced the incident, May 24, another man living in Los Angeles reported to police that his ecovacs had been hacked and he was chasing a dog. In El Paso, the theme of profanity was repeated.
Six months earlier, safety researchers tried to notify Ecovacs about serious security vulnerabilities in its robot vacuum cleaners and the application that controls them. The most serious flaw was a Bluetooth connection failure that allowed access to the Ecovacs X2 from just over 100 meters away.
The producer knew but did nothing
Given the distributed nature of the attacks, it is unlikely that this vulnerability was exploited in this case. However, it was also known that the PIN code system securing the robot’s video transmission – as well as the remote control function – were faulty, and the warning sound that was supposed to play when someone was watching the camera could be disabled remotely.
In response to the emerging allegations, Ecovacs admitted that a series of cyberattacks had occurred. He also suggested that customers change their passwords and promised that an appropriate software update will appear in November. The question of what the manufacturer has been doing for the past six months since it learned about the vulnerability remains unanswered.
