https://www.abc.net.au/news/2024-10-04/robot-vacuum-hacked-photos-camera-audio/104414020
The largest home robotics company in the world has failed to fix security issues with its robot vacuums despite being warned about them last year.
Without even entering the building, we were able to silently take photos of the (consenting) owner of a device made by Chinese giant Ecovacs.
…
Ecovacs initially said its users “do not need to worry excessively” about Giese’s findings.
After he first revealed the vulnerability in public, the company’s security committee downplayed the issue, saying it requires “specialised hacking tools and physical access to the device”.
It’s hard to square their statement with the reality. All it had taken was my $300 smartphone, and I hadn’t even laid eyes on Sean’s robot until after hacking into it.
Ecovacs eventually said it would fix this security issue. At the time of publication, only some models have been updated to prevent this attack.
Several models — including the latest flagship model released in July this year — remain vulnerable.