Categories: NewsSecurity

Firmware Update Prevents Hackers From Remotely Controlling Hoverboards

Segway hoverboards can be a threat to personal safety. Not only are these machines quite prone to accidents, but there are also plenty of security flaws on the software side. Ninebot, the company responsible for making these hoverboards, had to issue an emergency firmware update to address these issues. Having a hacker remotely control the Segway would be quite problematic.

Ninebot Addresses Major Segway Flaws

It is good to see hardware manufacturers take the appropriate course of action when security flaws are discovered. Instead of letting these issues play out on their own, the company issued a firmware update recently. This update is supposed to address various

security vulnerabilities affecting Segway hoverboards. Hackers had been able to remotely control these machines and do all kinds of harm in the process.

Even though those flaws were discovered back in 2016, it has taken Ninebot some time to properly address the issues they presented. Three major flaws were identified by researcher Thomas Kilbridge. The first one would allow anyone in the world to connect to a Segway hoverboard via Bluetooth without any problems. Bluetooth allows users to exchange data and information, which poses a massive security risk. What made this connection possible was the default Bluetooth access PIN used by Segway hoverboards. Thankfully, that issue is now resolved.

The second issue allowed attackers to trick hoverboards into downloading malicious firmware updates. Since there was no checksum to validate the integrity of these firmware updates, the hardware would download and install the software without any problems. The final vulnerability affected the mobile Segway companion app, which displays locations of nearby Segway users. This could be used by attackers to target other vulnerable hoverboards. Displaying these locations was a breach of user privacy and probably should not have existed in the first place.

Related Post

Exploiting any of those weaknesses could have ultimately led to the stealing of Segway hoverboards. The devices could have been controlled remotely to move away from their owners and park in a specified location where they could have been picked up by hackers. Attackers could have overridden security measures as well, allowing the machines to overheat. They could have caused physical harm as well, by making hoverboards speed up or brake when the users did not expect it.

In the end, it is good to see Ninebot finally having addressed these issues, though they took more time than expected. Segway hoverboards have become rather popular all over the world. It is now up to device owners to manually update their firmware, as this is not automatic. Until owners completes this update, their Segway hoverboards will remain susceptible to these types of attack.  The video below showcases these vulnerabilities and how they can impact the hardware.

JP Buntinx

JP Buntinx is a FinTech and Bitcoin enthusiast living in Belgium. His passion for finance and technology made him one of the world's leading freelance Bitcoin writers, and he aims to achieve the same level of respect in the FinTech sector.

Share
Published by
JP Buntinx

Recent Posts

TRX Price Prediction: Tron Network Fee Cut to Spark New ATH?

Back into Spotlight: Tron Network Fee Cut Could Push TRX to ATH, But This DeFi…

8 hours ago

Altcoin Alert: Crypto Market Cap Breaches Key Level Hinting at an 8000x Rally for this Shiba Inu Killer

Shiba Inu (SHIB) gave enormous returns in 2021, making many early holders millionaires. After the…

12 hours ago

XRP Crash? XRP Falls Below $0.5 Resistance Level as Next Gen Altcoin JetBolt Takes Over

Spooky season might be over but doom is still looming as Ripple’s XRP falls below…

15 hours ago

This New Exchange Token Is Poised for a Price Surge Alongside Cardano and Avalanche – Analysts Predict Huge Gains This November

Three promising altcoins are causing a stir among investors this November: Avalanche (AVAX), Cardano (ADA),…

15 hours ago

With Dogecoin Dipping and TRON Holding, Is Lunex the Hottest Crypto Now?  

Everyone knows what the hottest crypto can do. When it was so hot it was…

15 hours ago

Tron Fees To Be Cut In Half Through Proposal 95, Cutoshi Surpasses $600k As TRX Investors Join CUTO Presale

The Tron network has witnessed incredible growth in several areas, especially in its adoption, which…

16 hours ago