Hackers can seize control of Xiaomi scooters by exploiting security flaw

The Xiaomi M365 can be made to speed up or slow down by attackers

Hacker in the dark

A security flaw in a Xiaomi electric scooter used by ridesharing companies can be attacked by hackers to accelerate or brake the machine.

According to security researchers at Zimperium, an attacker only has to be within 100 meters of such a vehicle to carry out the hack. Researchers released a proof-of-concept (PoC) for the attack, which impacts Xiaomi M365 scooters.

Advertisement - Article continues below

The PoC enabled researchers to mount a denial-of-service attack and install malicious firmware that can take control of the scooter's acceleration and braking capacities.

The problem starts with the use of Bluetooth by the scooter. The Bluetooth access allows the user to interact with the scooter for multiple features such as an Anti-Theft System, Cruise-Control, Eco Mode and updating the scooter's firmware. To access those features the user can use a dedicated app, and every scooter is protected by a password that can be changed by the user.

"During our research, we determined the password is not being used properly as part of the authentication process with the scooter and that all commands can be executed without the password. The password is only validated on the application side, but the scooter itself doesn't keep track of the authentication state," said the researchers in a blog post.

Advertisement
Advertisement - Article continues below

They added that these features can be used without the need for authentication. Researchers released a video showing how the PoC could lock a scooter by using its anti-theft feature without authentication or the user's consent.

Advertisement - Article continues below

Researchers have contacted Xiaomi which confirmed that it is a known issue internally but gave no clue as to when the problem would be fixed. As a temporary mitigation, researchers said users should connect their mobile app to the scooter before use and keep the app connected, as would-be attackers wouldn't be able to then remotely flash malicious malware or lock a scooter. 

Featured Resources

Top 5 challenges of migrating applications to the cloud

Explore how VMware Cloud on AWS helps to address common cloud migration challenges

Download now

3 reasons why now is the time to rethink your network

Changing requirements call for new solutions

Download now

All-flash buyer’s guide

Tips for evaluating Solid-State Arrays

Download now

Enabling enterprise machine and deep learning with intelligent storage

The power of AI can only be realised through efficient and performant delivery of data

Download now
Advertisement

Recommended

Visit/security/355013/10-quick-tips-to-identifying-phishing-emails
Security

10 quick tips to identifying phishing emails

16 Mar 2020
Visit/business-strategy/mergers-and-acquisitions/354941/panda-security-to-be-acquired-by-watchguard
mergers and acquisitions

Panda Security to be acquired by WatchGuard

9 Mar 2020
Visit/security/internet-security/354417/avast-and-avg-extensions-pulled-from-chrome
internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019
Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

Visit/infrastructure/server-storage/355118/hpe-warns-of-critical-bug-that-destroys-ssds-after-40000-hours
Server & storage

HPE warns of 'critical' bug that destroys SSDs after 40,000 hours

26 Mar 2020
Visit/software/video-conferencing/355138/zoom-beaming-ios-user-data-to-facebook-for-targeted-ads
video conferencing

Zoom beams iOS user data to Facebook for targeted ads

27 Mar 2020
Visit/software/355113/companies-offering-free-software-to-fight-covid-19
Software

These are the companies offering free software during the coronavirus crisis

25 Mar 2020
Visit/mobile/mobile-phones/355088/apple-lifts-iphone-purchase-restrictions
Mobile Phones

Apple lifts iPhone purchase restrictions

23 Mar 2020