Spanish Engineer Accidentally Gains Access to 7,000 Robot Vacuums
In a startling incident highlighting significant security vulnerabilities, a Spanish software engineer unwittingly commandeered approximately 7,000 robot vacuums worldwide.
This unprecedented breach enabled him to view interior spaces of various homes via the devices’ live cameras.
Sammy Azdoufal, while endeavoring to reverse-engineer his DJI Romo vacuum cleaner for compatibility with his PlayStation 5 controller, utilizing artificial intelligence, inadvertently unlocked extensive access to the device’s servers dispersed across 24 nations, as he disclosed to The Verge.
“I discovered my device was merely one within a vast network of devices,” he recounted to the New York-based technology publication.
Spanish software engineer Sammy Azdoufal reported inadvertently hijacking 7,000 DJI Romo robot vacuums globally. CFOTO/Future Publishing via Getty Images
He emphasized, “I did not breach any regulations, nor did I resort to hacking methods such as brute force.”
Yet, despite the absence of overt hacking into DJI’s servers, Azdoufal managed to take control of thousands of robotic units, observing through their cameras, activating microphones, mapping residential layouts, and tracking devices through their IP addresses.
Azdoufal’s access extended to the company’s network, underscoring the alarming simplicity by which malevolent entities could exploit data within our digitally saturated world.
Currently, the head of AI at a property management and travel group in Spain, Azdoufal, promptly informed The Verge about this critical security vulnerability, prompting the outlet to reach out to DJI.
In response, the Chinese technology company, recognized for its AI-driven devices, confirmed that the issue has been rectified, asserting that additional network concerns will be addressed shortly.
Attempts to reverse-engineer his device inadvertently provided access to servers across 24 countries. djidroner DJI affirmed that the security glitch has been resolved. djidroner
“DJI can confirm that the issue was rectified last week, with remediation already in progress prior to this public disclosure,” stated company spokesperson Daisy Kong to The Verge.
“DJI upholds stringent data privacy and security standards, employing established procedures for identifying and addressing potential vulnerabilities. The company will continue to implement further security improvements as part of its enduring commitment to safety.”
The shocking event occurred two years following a similar hijacking of Ecovacs robot vacuums, which were reprogrammed to hurl racial slurs at US homeowners. djidroner
This unsettling incident emerges just two years after a series of Ecovacs robot vacuums were taken over and manipulated to unleash racial insults toward US households, revealing persistent vulnerabilities in consumer technology.
Source link: Nypost.com.
