From 654ed99aa18b6a945afccc98d80f075da6610023 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?V=C3=ADctor=20Mayoral=20Vilches?= Date: Mon, 7 Oct 2024 09:49:59 +0200 Subject: [PATCH] Add ecovacs hack --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 291e3d4..f39d4fd 100644 --- a/README.md +++ b/README.md @@ -112,6 +112,7 @@ A non-exhaustive list of cybersecurity research in robotics containing various r | 👹 Codename/theme | 🤖 Robotics technology affected | 👨‍🔬 Researchers | 📖 Description | 📅 Date | |-----|-------|-------------|-------------|------| +| | [Reverse engineering and hacking Ecovacs robots](https://dontvacuum.me/talks/HITCON2024/HITCON-CMT-2024_Ecovacs.html) ([slides]([url](https://dontvacuum.me/talks/HITCON2024/HITCON-CMT-2024_Ecovacs.pdf)), [video]([url](https://www.youtube.com/playlist?list=PL9PoaNtZCJRYiwGlHVpGZdVqPKQ2mo57k)), [news article]([url](https://www.abc.net.au/news/2024-10-04/robot-vacuum-hacked-photos-camera-audio/104414020))) | Dennis Giese, Braelynn | Vulnerabilities and security risks of Ecovacs smart home robots, highlighting serious flaws such as broken encryption, missing certificate verification, inadequate access control, and unauthorized live camera access. Building on years of experience hacking devices from brands like Roborock and Xiaomi, the presenters dive into the alarming security issues within Ecovacs robots, the market leader in home robotics. The talk covers the difficulties of reporting bugs to the company and warns against relying on third-party certifications. It emphasizes the importance of being cautious with device choices and even personal relationships, due to the potential privacy risks involved. | 24-08-2024 | | | [iRobot’s Roomba J7 series robot vacuum](https://www.technologyreview.com/2022/12/19/1065306/roomba-irobot-robot-vacuums-artificial-intelligence-training-data-privacy/) | N/A | Personal pictures in a home environment were found in the Internet taken by an iRobot’s Roomba J7 series robot vacuum. The photos vary in type and in sensitivity. The most intimate image we saw was the series of video stills featuring the young woman on the toilet, her face blocked in the lead image but unobscured in the grainy scroll of shots below. In another image, a boy who appears to be eight or nine years old, and whose face is clearly visible, is sprawled on his stomach across a hallway floor. A triangular flop of hair spills across his forehead as he stares, with apparent amusement, at the object recording him from just below eye level. Various other home pictures that tag objects in the environment were found. | 19-19-2022 | | | Unitree's [Go1](https://m.unitree.com/products/go1) | d0tslash (MAVProxyUser in GitHub) | A hacker found a kill switch for a gun–wielding legged robot[^19][^20][^21][^22]. The hack itself leverages a kill switch functionality/technology that ships in all units of the robot and that listens for a particular signal at 433Mhz. When it hears the signal, the robot shuts down. d0tslash used a portable multi-tool for pentesters ([Flipper Zero](https://flipperzero.one/)) to emulate the shutdown, copying the signal the robot dog’s remote broadcasts over the 433MHz frequency. | 09-08-2022 | | | Enabot's [`Ebo Air`](https://na.enabot.com/shop/air001) | **Modux**[^1] | Researchers from Modux found a security *flaw* in Enabot Ebo Air #robot and responsibly disclosed their findings. Attack vectors could lead to remote-controlled *robot* spy units. Major entry point appears to be a hardcoded system administrator password that is weak and shared across all of these robots. Researchers also found information disclosure issues that could lead attackers to exfiltrate home (e.g. home WiFi password) that could then be used to pivot into other devices through local network. | 21-07-2022 |