“Robot Vacuum Owners in Multiple US Cities Report Hacking Incidents: Ecovacs Deebot X2 Vulnerability Exposed”

Robot vacuum owners in multiple US cities have been left shocked and disturbed after reports of their devices being hacked surfaced. According to an investigation by ABC, strangers have been able to access live camera feeds and remote control features of Chinese-made Ecovacs Deebot X2s, resulting in some terrifying incidents.

Some users reported hearing slurs being yelled through the onboard speakers, while others witnessed their robots chasing pets around the house. Despite efforts to reset passwords and reboot the devices, the erratic behavior persisted, leading to concerns of potential spying activities.

Security researchers had previously alerted Ecovacs to significant security flaws in the X2 model, including vulnerabilities in the Bluetooth connector and the PIN code protecting the video feed and remote control feature. Hackers were able to disable warning sounds that should alert users when the camera is in use.

Ecovacs has since issued a patch for the security flaw, but ABC sources claim it may not be sufficient. The company identified a credential stuffing event in May 2024 and plans to release an over-the-air firmware update in November to enhance security measures.

In the meantime, Ecovacs advises users to strengthen their online safety by using strong and unique passwords and improving WiFi security. The company reassures customers that there is no evidence of owner accounts being hacked or breaches in Ecovacs’ systems.

As the investigation continues, robot vacuum owners are urged to stay vigilant and take necessary precautions to protect their privacy and security.