9

I have an Xiaomi Mi robot sweeper and at 7:00:40pm each day it is being started up by a rogue internet message. I saved the active IP table from the DD-WRT router firmware immediately before and after several of the start-ups and have found the following unique IP remote (foreign) addresses, where the source (local) IP was that of the sweeper:

52.80.189.157
52.80.66.219

Is it possible to modify the firewall in the router's DD-WRT firmware to include all 52.80.xx.xx addresses via the "Command line" input under "administration"?

Rohit Gupta
  • 507
  • 2
  • 3
  • 18

2 Answers2

6

According to the Amazon page, there is a cloud service available for the vacuum cleaner. Presumably, that's what the app is communicating with. You can also use Alexa with the vacuum cleaner, so there are many places packets might be coming from towards your vacuum.

One of the IPs you listed seems to be a company or part of a university in China, I can't tell which my the whois page.

Searching for that company some more, I found this page, showing that the company might be a datacenter.

So you're either looking at a feature that you or someone else signed up for and forgot about, or known bad IP addresses own your network. It's kind of a crapshoot at this point with the information provided. However, hackers in this day and age would be more interested in using the robot as part of a botnet or Bitcoin miner rather than just pranking you at the same time every day.

YetAnotherRandomUser
  • 271
  • 2
  • 2
5

Per Scott's comment and ignoring the original question, the story is that apparently a firmware update for my robot sweeper included the option of an "automatic" mode with a default of turning it on at 1900 DST (and 1800 when DST ended). I say "apparently" because I was unaware of such an "automatic mode" until a week or so before the end of the forty some days mentioned in Scott's posting.

On my tablet where I follow the robot sweeper and restart it when it complained of blocked brush I finally stumbled into the "new" "automatic" part of the program and saw "1800". Wow! Part of the instructions and information in the automatic mode is in Chinese, so character by character I translated it to English and determined how to turn off the "automatic" option. Even in English these programs are not really user friendly.

In "automatic" the robot uses a program on any one of many Amazon clouds to implement its auto sweeping start up. I blocked 24 ranges of IP addresses in the router from being accessed by the sweeper and with no success I then finally blocked the sweeper from internet access for the 1 minute it was occurring. That did work. I was at the point of trying to block incoming instructions to the sweeper to identify the IP address of the culprit when I posted the original question.

I originally tried to contact the seller/factory of the subject but they claimed no obligation to "export" customers.

Yeah, the background to the question is more interesting than the question.