Hackers Exploit Robot Vacuums, Chasing Pets and Hurling Abuses

October 13, 2024 – Earlier this year, hackers breached multiple Covos Deebot X2 Omni vacuum robots in various US cities, exploiting them to chase pets and hurl racist abuses at their owners, according to a report by ABC News.

Several Deebot X2 users stated that their devices were hacked in May. Among them, Minnesota-based lawyer Daniel Swenson recounted that while watching TV with his family, they suddenly heard noises from the robot resembling “broken radio signals.” After resetting the password and restarting the robot, the voice emerged again, but this time it was clearly a human shouting abuses.

ABC News also covered other similar incidents, including one where a hacker used Deebot robots in El Paso and Los Angeles to harass a pet dog, shouting and chasing it.

In a statement, Covos acknowledged a “credential stuffing incident” and blocked the attacking source IP addresses. The company stated that it found no evidence of hackers collecting usernames and passwords.

It’s noteworthy that researchers demonstrated a vulnerability last year that bypassed the PIN code input on the Deebot X2 to access the robot. Covos indicated in its statement that the issue has been addressed and plans to release an update in November to “further enhance security.”

Leave a Reply