Security researchers Dennis Giese and Daniel Wegemer managed to hack into Xiaomi Mi Robot vacuum cleaner and their research shows that robot is much more secure than other smart things currently present. At Chaos Communication Congress 34, Leipzig (Germany) in their talk showed how system software works and how they found vulnerabilities to crack it.
First, they analyzed a unit to check whether there was a route in through the vacuum cleaner's miniaturized scale USB port. But that didn't worked, Xiaomi has secured this association with some authentication. From that point forward, the specialists dismantled the vacuum cleaner and endeavored to locate a serial port on its motherboard. This endeavor was in like manner unsuccessful.
Their second technique was based on network. The scientists endeavored to check the gadget's system ports, however all ports were shut. Sniffing system movement didn't help, either; the robot's interchanges were encoded. Finally they succeeded by using aluminum foil to short-circuit some of the tiny contacts connecting processor to motherboard, causing the processor to enter a special mode that allows reading and even writing to flash memory directly through the USB connection. That's how they gained full control over the device.
Source: Kaspersky