[FREAK] Hacking of Xiaomi scooters from a distance

The security company Zimperium has discovered a security flaw that allows remote control of Xiaomi M365 electric scooters (sold as the Mi Scooter in France). Xiaomi replied that it was starting to “work on a solution to fix it and block access to any unauthorized application”, and announced that an update will be available soon.

After revealing the flaw, Zimperium created an application that allows any vehicle within a 100-metre radius to be controlled. The researchers were able to hack these scooters via Bluetooth and control several functions of the device, such as the anti-theft system, speed adjustment and updating the scooter's programs. Because the Bluetooth link has no defense against hacking (the password applies to the application only, not to the scooter), the researchers had access to most of the M365’s capabilities. Users of the scooter therefore face various problems.

Zimperium has listed three different ways to exploit the flaw:
– A denial-of-service attack to block the device;
– The installation of a virus to take control of it;
– A targeted attack causing a sudden acceleration.

For the last of these, Zimperium stated that it had created a “program capable of accelerating the scooter. It will not be disclosed for security reasons”. The researchers added that, although the flaw affects thousands of users, it could particularly affect transport services that have not disabled or replaced their Bluetooth module.