Click For Photo: https://i.dailymail.co.uk/1s/2019/02/12/18/9733792-0-image-a-19_1549997866172.jpgClick For Video: https://videos.dailymail.co.uk/video/mol/2018/06/08/4569101361675548625/1024x576_MP4_4569101361675548625.mp4
Security researchers discovered a worrying flaw in popular e-scooters that leaves them open to being remotely controlled by hackers.
Mobile security firm Zimperium has warned that a security vulnerability in Xiaomi's M365 scooter could let anyone savvy enough lock the device, hit the brakes and even cause the device to suddenly accelerate.
Zimperium - Ride-sharing - Services - M365 - Scooters
Zimperium said several popular ride-sharing services use M365 scooters, but it's unclear how many are currently in use in the U.S.
The flaw resides in the scooter's Bluetooth module, which lets users control the device remotely.
Example - Bluetooth - Customers - Scooter - Handsfree
For example, using Bluetooth, customers can lock the scooter on the app handsfree.
Rani Idan, a security researcher at Zimperium, found that a hacker could easily connect to the scooter with Bluetooth and without having to enter a password.
Password - Application - Side - Scooter - Track
'The password is only validated on the application side, but the scooter itself doesn’t keep track of the authentication state,' Idan said.
'Therefore, we can use all of these features without the need for authentication.'
Idan - Researchers - Step - Flaw - Malware
Idan and the other researchers then took it a step further and exploited this flaw to install malware on the scooter.
The scooter didn't recognize that unauthorized software had been installed onto it.
Malware - Hackers - Control - Scooter
Once the malware is installed, hackers have full control over the scooter, allowing them to lock it.
Using the malware, hackers can control any scooter that's within 328ft of their location.
They found that bad...
Wake Up To Breaking News!