Ears in other people's gardens and houses

Weak points of robotic vacuum cleaners and mowers

Several Ecovacs brand lawn mowers and vacuum robots can apparently be infiltrated by attackers in order to spy on their owners using the built-in cameras and microphones. According to the information provided, this is possible from a distance of up to 130 meters. If the initial access is via Bluetooth, for example with a smartphone, the connection can probably also be established via Wi-Fi in the second step. As a result, attackers can later control the respective device from any location and access the built-in cameras and microphones as well as stored room maps and Wi-Fi access data.

Spying undetected

The Bluetooth function on Ecovacs robotic lawnmowers is always active. With the robot vacuum cleaners, however, this is only the case within 20 minutes of switching on or restarting, which makes it somewhat more difficult to attack these devices. However, it is very difficult to detect a successful espionage attack. Apparently there are no activity LEDs or other visual indicators on the devices that the built-in cameras or microphones are active.

Security researcher Dennis Giese describes the security level of the devices as "really, really, really bad".

Stay one step ahead of cyber threats with the DEFENDERBOX: strengthen your company's resistance to hacker attacks.

Would you like to know how secure your company is? Find out with a test installation!

Source: Techcrunch.com

Current contributions

• The right questions...March 13, 2025
  The results show that companies will need to be particularly prepared for cyber attacks and business interruptions in 2025. Proactive measures are crucial!
• DEFENDERBOX qualifies for TechBoostMarch 6, 2025
  We have been nominated for Deutsche Telekom's innovation program!
• Invisible dangerFebruary 27, 2025
  A particularly perfidious threat: Infostealer. This malware has only one goal - the systematic tapping of sensitive data.
• Rip-off at parking machinesFebruary 20, 2025
  Watch out in Cologne, Dortmund and some other cities! Pay for a parking ticket - and suddenly your bank details are in the hands of fraudsters.
• Google removes 2.36 million dangerous appsFebruary 13, 2025
  In 2024, Google removed 2.36 million apps because they violated security guidelines or endangered users. 

Do you want to know how secure your company is? Try it! Click here for a test installation of DEFENDERBOX.
The Find & Fix introductory offer is valid until
December 31st, 2024.