Hackers Can Control Your Electric Skateboards

Two security researchers, Richo Healey and Mike Ran, found a vulnerability in electric skateboard.

Rico Healey is a Security Engineer at the payment solution firm Stripe, and Mike Ryan is a member of Red Team at eBay.

When Healey lost control of his own electric board  in Melbourne, Australia, the two security researchers become more interested in hacking skateboards.

This two security researchers had three Bluetooth enabled electric skateboards to find vulnerabilities in it. The two researchers found one critical vulnerability in each board.

The Boosted board works with an app, which controls two 1 kilowatt electronic motors, controlling them by a Bluetooth remote. The motor on board moves or stops when it receives the command from Bluetooth remote.

Since the Bluetooth communication is not encrypted, attackers can easily hack into the skateboard system.

According to Wired the two security researchers said that,” Because the Bluetooth communication is not encrypted or authenticated, a nearby attacker can easily insert himself between the remote and the app, forcing the board to connect to his laptop. Once he achieves this, he can stop the skateboard abruptly, ejecting the rider, send a malicious exploit that causes the wheels to suddenly alter direction and go in reverse at top speed, or disable the brakes. An attacker can also simply jam the communication between the remote and the board while a driver is on a steep hill, causing the brakes to disengage.”

Richo Healey and Mike Ryan will re-present their vulnerabilities at this year Def Con hacker conference in Las Vegas.

 

Related posts

Glove Stealer Emerges A New Malware Threat For Browsers

ANY.RUN Discovers Tricky Phishing Attack Using Fake CAPTCHA

Kia Dealer Portal Vulnerability Risked Millions of Cars