Weak points of robotic vacuum cleaners and mowers
Several Ecovacs brand lawn mowers and vacuum robots can apparently be infiltrated by attackers in order to spy on their owners using the built-in cameras and microphones. According to the information provided, this is possible from a distance of up to 130 meters. If the initial access is via Bluetooth, for example with a smartphone, the connection can also be established via Wi-Fi in the second step. As a result, attackers can later control the respective device from any location and access the built-in cameras and microphones as well as stored room maps and Wi-Fi access data.
Spying undetected
The Bluetooth function on Ecovacs robotic lawnmowers is always active. With the robot vacuum cleaners, however, this is only the case within 20 minutes of switching on or restarting, which makes it somewhat more difficult to attack these devices. However, it is very difficult to detect a successful espionage attack. Apparently, there are no activity LEDs or other visual indicators on the devices that the built-in cameras or microphones are active.
Security researcher Dennis Giese describes the security level of the devices as “really, really, really bad”.
Be with the DEFENDERBOX One step ahead of cyber threats: strengthen your company’s resistance to hacker attacks.
Would you like to know how secure your company is? Find out with a Test position out!
Source: Techcrunch.com
EN 
DE