sb-eu logo
Story image

Security flaw in Xiaomi electric scooters could have deadly consequences

13 Feb 2019

Xiaomi’s M365 electric scooters could be something of a deathtrap for riders, after a security firm discovered security flaws in the scooters’ Bluetooth systems.

Zimperium reported in a blog this week that the M365 electric scooters use Bluetooth via a dedicated in order to manage features like cruise control, anti-theft systems, and eco-mode. While the Bluetooth system includes a password for security, the password doesn’t actually work properly.

Because of that lack of password security, an attacker could, in theory,target a rider, and then cause the scooter to suddenly brake or accelerate.  That could potentially have deadly consequences, particularly if a rider is crossing the road.

The attacker can also lock any scooter through a denial of service attack, and the attacker could also load malware that can take full control of the scooter (Zimperium responsibly chose not to disclose the malware that could do such a thing).

The company explains what the issue with the password authentication is:

“During our research, we determined the password is not being used properly as part of the authentication process with the scooter and that all commands can be executed without the password. The password is only validated on the application side, but the scooter itself doesn’t keep track of the authentication state. Therefore, we can use all of these features without the need for authentication.”

Zimperium demonstrates the proof-of-concept attack in a YouTube video, which shows researchers performing a remote lock on a scooter.

“We demonstrate a PoC locking the scooter using our malicious application that scans for nearby Xiaomi M365 scooters and disables them by using the anti-theft feature of the scooter – without authentication or the user consent.

"The app sends a crafted payload using the correct byte sequence to issue a command that will lock any nearby scooter in the distance of up to 100 metres away.”

Xiaomi responded to Zimperium and acknowledged that it is a known issue. Xiaomi says it has made the issue public. Because Xiaomi works with third parties, it has to work with them to create a fix.

However, it doesn’t look like Xiaomi will be issuing recalls, and the affected scooter is still being sold in New Zealand and worldwide. In New Zealand, the scooter retails for almost $700.

“Unfortunately, the scooter’s security still needs to be updated by Xiaomi (or any 3rd parties they work with) and cannot be fixed easily by the user,” Zimperium concludes.

Story image
Report: Tech industry most attacked sector
"The current global crisis has shown us that cyber criminals will always take advantage of any situation and organisations must be ready for anything."More
Story image
ExtraHop brings SaaS network detection and response solution to market
"Reveal(x) 360 is the culmination of a multi-year R&D investment to secure data centre, remote sites, and cloud workloads with frictionless deployment and actionable insights that can be securely accessed from anywhere.”More
Story image
Months on, many organisations still don't have secure remote access - report
The report analyses the extent to which businesses were prepared for the sudden shift into remote working due to COVID-19 restrictions, and analyses how organisations have adjusted to support remote workers amidst the COVID-19 pandemic. More
Story image
Bitglass & CrowdStrike develop agentless ATP defender
“A successful security strategy lies in the ability to quickly detect, respond and remediate threat activity,” says CrowdStrike chief scientist Sven Kasser.More
Story image
Endace and Palo Alto Networks launch integration to empower security teams
“The combination of Cortex XSOAR’s powerful orchestration and automation capabilities with the rich network history recorded by the EndaceProbe Analytics Platform gives security operations access to the conclusive forensic evidence they need to respond quickly and accurately to threats.” More
Story image
SolarWinds Niche Player in app monitoring Magic Quadrant
Simplicity, visibility and solution synergy have put SolarWinds into the 2020 Gartner Magic Quadrant for Application Performance Monitoring.More