Welcome to DU!
The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards.
Join the community:
Create a free account
Support DU (and get rid of ads!):
Become a Star Member
Latest Breaking News
Editorials & Other Articles
General Discussion
The DU Lounge
All Forums
Issue Forums
Culture Forums
Alliance Forums
Region Forums
Support Forums
Help & Search
Spanish engineer reports flaw in 'smart' vacuums after gaining control of 7,000 devices [View all]
Sammy Azdoufal alerted New York-based outlet the Verge after he took control of DJI Romo devices around the world
A Spanish software engineer reportedly contacted a New York-based tech outlet recently to reveal he had remotely taken control of about 7,000 vacuums worldwide, in the process shedding light on a broad vulnerability with smart products, according to a cybersecurity expert.
The Verge reported that the situation came to light when Sammy Azdoufal was trying to reverse-engineer his new DJI Romo vacuum so that he could control it with his Playstation 5 gamepad.
Azdoufal soon discovered that when his self-styled remote control app started communicating with DJI’s servers, “it wasn’t just one vacuum cleaner that replied. Roughly 7,000 of them, all around the world, began treating Azdoufal like their boss.”
Azdoufal found that he could look and listen through the vacuums’ live camera feeds and collected more than 100,000 messages from the devices. He could also use any robot’s internet protocol – or IP – address to determine its approximate location.
https://www.theguardian.com/world/2026/feb/24/spanish-engineer-smart-vacuums-remote-control
A Spanish software engineer reportedly contacted a New York-based tech outlet recently to reveal he had remotely taken control of about 7,000 vacuums worldwide, in the process shedding light on a broad vulnerability with smart products, according to a cybersecurity expert.
The Verge reported that the situation came to light when Sammy Azdoufal was trying to reverse-engineer his new DJI Romo vacuum so that he could control it with his Playstation 5 gamepad.
Azdoufal soon discovered that when his self-styled remote control app started communicating with DJI’s servers, “it wasn’t just one vacuum cleaner that replied. Roughly 7,000 of them, all around the world, began treating Azdoufal like their boss.”
Azdoufal found that he could look and listen through the vacuums’ live camera feeds and collected more than 100,000 messages from the devices. He could also use any robot’s internet protocol – or IP – address to determine its approximate location.
https://www.theguardian.com/world/2026/feb/24/spanish-engineer-smart-vacuums-remote-control
The Guardian's Pass Notes column adds "He used an AI coding assistant, Claude Code, to reverse-engineer how the home robot vacuum communicated with DJI’s remote cloud servers". That will be a big problem with AI, now it's producing decent code - all kinds of people finding the flaws in systems, and taking advantage.
7 replies
= new reply since forum marked as read
= new reply since forum marked as read