Boy, would “Died on a hacked electric scooter” look embarrassing on a tombstone.
Do you hate those electric scooters yet? Especially as no one that uses them is seemingly responsible with them? Well, there’s another reason to avoid them; they can be hacked and controlled remotely.
That said, it’s a specific model of electric scooter; the Xiaomi M365. According to Zimperium, the scooters are hackable through a Bluetooth password that “is not being used properly as part of the authentication process with the scooter and that all commands can be executed without the password.” This means that it is possible to launch a denial-of-service attack on the scooter, then use malware to control it remotely. Which is every bit as bad as it sounds, as demonstrated below.
Zimperium alerted Xiaomi to the security flaw, but it has still yet to be patched. And, due to the nature of the problem, it’s not an easy fix for the average end user. Xiaomi has, however, told The Verge that they’re looking into the problem.
As of right now, neither of the two leading scooter services, Bird and Lime, have the M365 in their fleets. That said, according to Zimperium’s Rani Idan, there’s no telling whether the other services might have them, or scooters with Xiaomi parts that make them susceptible to hacking.
Source: Gizmodo