Weak points of robotic vacuum cleaners and mowers

Several Ecovacs lawn mowers and vacuum robots can apparently be compromised by attackers, who can then spy on the owners using the built-in cameras and microphones. According to the information provided, this is possible from a distance of up to 130 meters. If the initial access is via Bluetooth, for example with a smartphone, the connection can probably also be established via Wi-Fi in a second step. Attackers can then control the device from any location and access the built-in cameras and microphones as well as stored room maps and Wi-Fi access data.

Spying undetected

The Bluetooth function on Ecovacs robotic lawnmowers is always active. On the robot vacuum cleaners, it is active only for 20 minutes after switching on or restarting, which makes these devices somewhat more difficult to attack. A successful espionage attack is nevertheless very difficult to detect: apparently the devices have no activity LEDs or other visual indicators to show that the built-in cameras or microphones are active.

Security researcher Dennis Giese describes the security level of the devices as "really, really, really bad".


Source: Techcrunch.com
