Xiaomi m365 electric scooter is susceptible to hacking with the ability to remote control

Probably, if 10 years ago someone had said that soon it would be necessary to charge not only laptops and phones, but also scooters, no one would have believed it. But now it is almost no surprise. But fans of this type of transport will be surprised at another news - the electric scooter can be remotely hacked, after which the attacker gets the opportunity to control the system.

And this is not a joke, the Xiaomi m365 scooter turned out to be poorly protected from external interference. A cybercriminal can easily seize control and then accelerate the vehicle, increase its speed or perform some other actions.

Security vulnerabilities from Zimperium were discovered. According to the head, his team hacked the device protection system in just a few hours. As it turned out, Xiaomi m365 has three software components. The first is power management (battery), the second is wireless communication (Bluetooth), the third is a kind of “lining” between the hardware and software modules.

The most vulnerable is the communication module. As it turned out, you can connect to the scooter without sending a password or any other authentication method. After that, you can install third-party software, and the scooter does not check the original software from the manufacturer or something else. That is, an attacker can easily install malware and take control.

"I managed to manage all the functions of the scooter without going through the authentication procedure," said a company representative who studied the vulnerability. "An attacker can suddenly stop a scooter, speed it up or send it directly to a crowd of people or a bunch of cars — this is the worst scenario you can imagine."

The problem with scooter is not new, and it's not even about scooters, but about how to protect IoT as a whole. Manufacturers of smart devices are more concerned about the design and functionality of their devices than about protecting them from external factors, including cybercriminals. Due to the negligence of manufacturers, it becomes possible to form botnets of smart devices, including cameras, refrigerators, pressure cookers, and routers. Now it became clear that hacking is subject to vehicles.

As for the latter, information security specialists were able to detect vulnerabilities in the Segway MiniPro protection system back in 2017. There was also an active vulnerability that allowed an attacker to take control of the device. Moreover, if desired, the offender could in real time track the location of the vehicle. The hole was also in the Bluetooth module, which allowed you to connect without authentication, using certain methods of bypassing identity verification. The firmware update system was also formed a bit “crookedly”, which made it possible for an attacker to install third-party software, which opened up even more possibilities for affecting the vehicle.


However, then the manufacturer quickly corrected the problem, because she understood how dangerous such a defense hole was.

But with Xiaomi, the situation is somewhat worse. Representatives of the company reported that they know about the problem, but can not fix it on their own. The fact is that the Bluetooth module is supplied by a third-party manufacturer, which Xiaomi does not call. Now both companies are trying to find a solution to the problem. However, all M365 electric scooters remain vulnerable to burglary.

Zimperium has developed a proof of concept application that demonstrates the problem. True, the organization for some reason laid out this application, making it accessible to all. Perhaps, Zimperium believes that this will make Xiaomi more actively address the issue of vulnerability. Far from all agree with this opinion, because the M365 electric scooters disperse in tens of thousands, therefore, the owners of such vehicles are in danger.

It seems that Xiaomi in any case will have to very quickly close the vulnerability, using any means and methods applicable in the current situation.