Electric scooters, also called e-scooters, are a popular method of transportation in large cities.
They are small, portable, and can zip around sidewalks and in between pedestrians with ease. Unfortunately, their popularity isn’t just with law-abiding citizens.
Xiaomi M365 scooters were Vulnerable to Hack
A research conducted in Last year by Zimperium scooter companies like , Lime, and Bird discovered individuals were able to hack into the machines and make them perform a variety of actions without a rider’s knowledge.
One of the most significant studies was completed by Zimperium in last year, a mobile security company, they tested multiple Xiaomi M365 scooters and discovered the electronic system could be hacked.
The hacker could force the scooter to speed up, slow down, or stop completely at will.
The hack is done by accessing the Bluetooth app utilized by the Xiaomi M365, which was designed to allow users to remotely lock their scooter.
This hack is troubling news for the manufacturer of the Xiaomi M365. It could be utilized from over 100 meters (328 ft.) away and lock multiple scooters at once or just mess with a single one.
The Xiaomi M365 is one of the most popular models used by electric scooter rental companies around the world and in the United States.
Being able to affect the function of the scooter is not the only thing hackers can do. Someone with enough technical experience can force an e-scooter to stop, deactivate the brakes, and then put it in their vehicle to take away. Once the hacker is at a secure location, it is possible to remove the internal hardware and reprogram it for personal use.
Kit for hacking an e-scooter
It sounds like a fantasy, but it has been done numerous times around the world. A complete kit for hacking an e-scooter is available online for roughly $48, a fraction of the cost of an expensive e-scooter.
Someone unscrupulous enough would have an easy time making a Xiaomi M365 their own without investing too much time, money, or energy into the crime.
Someone would need to have a target in mind, figure out who is using it, and then monitor it until there are few witnesses to see the hack and theft.
Second, the kit necessary to completely rewire the scooters can only be purchased online from China and takes eight weeks to arrive.
Even if a hacker is interested in one of the scooters, it would take a long time for their plan to come to fruition.
Plus, the loss of a single scooter doesn’t matter much to such massive companies, which brings us to our final point.
Finally, Lime and Bird are not interested in hackers because it doesn’t affect their bottom line.
E-scooters are more environmentally friendly than many other transportation methods but they have inordinate maintenance costs. People don’t return the scooters to their designated areas, which means the companies need to send people in vans out to collect them.
This means companies like Lime and Bird need to invest more time, money, and gasoline into having the e-scooters brought back to their rental locations and charging stations.
This can mean a scooter is operating at a loss for the day if it didn’t make enough money to cover maintenance.
The bottom line? Stolen scooters can actually save the rental companies money. Lime, Bird, and others make their money back from buying the e-scooters in a couple of weeks, so then they just end up paying maintenance costs.
If one gets hacked and stolen, it doesn’t affect their business model much at all. Considering Bird is worth $2 billion and Lime is worth $1.1 billion, losing a couple of $500 scooters does not matter. Plus, each scooter brings in only $15 a day.
If you live in the United States and use e-scooters on a regular basis, you don’t have to worry about the starting/stopping hack seen in the Xiaomi M365.
Only a couple of hooligans might utilize such a tool Instead, hackers are more likely to be roaming the streets and stealing the e-scooters for themselves. However, even this threat hasn’t been great enough for e-scooter rental companies to take action.