Be Afraid, Electric Scooters Can Be Hacked

Electric Scooters

Boy, would “Died on a hacked electric scooter” look embarrassing on a tombstone.

Do you hate those electric scooters yet? Especially as no one that uses them is seemingly responsible with them? Well, there’s another reason to avoid them; they can be hacked and controlled remotely.

That said, it’s a specific model of electric scooter; the Xiaomi M365. According to Zimperium, the scooters are hackable through a Bluetooth password that “is not being used properly as part of the authentication process with the scooter and that all commands can be executed without the password.” This means that it is possible to launch a denial-of-service attack on the scooter, then use malware to control it remotely. Which is every bit as bad as it sounds, as demonstrated below.

Description: Video of a Zimperium zLab’s PoC locking a Xiaomi scooter using our malicious application that scans for nearby Xiaomi M365 scooters. The PoC disables the scooter by using its anti-theft feature- – without authentication or the user consent. The project was led by zLabs researcher, @raniXCH.

Zimperium alerted Xiaomi to the security flaw, but it has still yet to be patched. And, due to the nature of the problem, it’s not an easy fix for the average end user. Xiaomi has, however, told The Verge that they’re looking into the problem.

READ:  4 Steps That Could Help Keep Hackers From Hijacking The Election

As of right now, neither of the two leading scooter services, Bird and Lime, have the M365 in their fleets. That said, according to Zimperium’s Rani Idan, there’s no telling whether the other services might have them, or scooters with Xiaomi parts that make them susceptible to hacking.

Source: Gizmodo

About Author

B. Simmons

Based out of Glendale California, Bryan is a GAMbIT's resident gaming contributor. Specializing in PC and portable gaming, you can find Bryan on his 3DS playing Monster Hunter or at one of the various conventions throughout the state.

Learn More →