Ecovacs home robots can be hacked to spy on their owners, researchers say | TechCrunch
techcrunch.com
Researchers found flaws that could allow anyone to spy on the owners of Ecovacs home robots by hijacking their cameras and microphones.

Malicious hackers can take over control of vacuum and lawn mower robots made by Ecovacs to spy on their owners using the devices’ cameras and microphones, new research has found.

Security researchers Dennis Giese and Braelynn are due to speak at the Def Con hacking conference on Saturday detailing their research into Ecovacs robots. When they analyzed several Ecovacs products, the two researchers found a number of issues that can be abused to hack the robots via Bluetooth and surreptitiously switch on microphones and cameras remotely.

“Their security was really, really, really, really bad,” Giese told TechCrunch in an interview ahead of the talk.

The researchers said they reached out to Ecovacs to report the vulnerabilities but never heard back from the company, and believe the vulnerabilities are still not fixed and could be exploited by hackers.

  • @NeoNachtwaechterEnglish
    729 days ago

    hackers can take over control of vacuum and lawn mower robots made by Ecovacs to spy on their owners using the devices’ cameras and microphones

    Honestly, did anyone believe that this wouldn’t happen, sooner or later?

    When I bought me such a device, I made sure that I would be able to install a cloud-free firmware on it. First thing. Before I wanted to use it at all.

      • @NeoNachtwaechterEnglish
        329 days ago

        Dreame D10S Plus with Valetudo.

        Commanding it from Home Assistant.