A hacker within 100m of your scooter can cause it to suddenly accelerate to full speed or brake. What can you do?
Recently, cybersecurity researchers at Zimperium found a disturbing flaw in Xiaomi M365 scooters. This flaw allows hackers to send commands to the scooter via Bluetooth.
Hackers can target individual riders to cause the scooter to suddenly brake or accelerate to maximum speed. Depending on the situation, this can potentially cause serious injury or death to riders.
Make no mistake: Zimperium has already released proof-of-concept code that exploits the flaw to the public, after disclosing the flaw to Xiaomi. That means hackers now have working software code to
Watch Zimperium’s demo of this flaw below:
What can you do? So far, a software update from Xiaomi is not forthcoming. But Zimperium provided a workaround to protect yourself:
In order to prevent an attacker from connecting to the M365 scooter remotely, it is possible to use Xiaomi’s application from your mobile before riding and connect to the scooter. Once your mobile is connected and kept connected to the scooter, an attacker won’t be able to remotely flash malicious firmware or lock your scooter.