Categories: NewsSecurity

Firmware Update Prevents Hackers From Remotely Controlling Hoverboards

Segway hoverboards can be a threat to personal safety. Not only are these machines quite prone to accidents, but there are also plenty of security flaws on the software side. Ninebot, the company responsible for making these hoverboards, had to issue an emergency firmware update to address these issues. Having a hacker remotely control the Segway would be quite problematic.

Ninebot Addresses Major Segway Flaws

It is good to see hardware manufacturers take the appropriate course of action when security flaws are discovered. Instead of letting these issues play out on their own, the company issued a firmware update recently. This update is supposed to address various security vulnerabilities affecting Segway hoverboards. Hackers had been able to remotely control these machines and do all kinds of harm in the process.

Even though those flaws were discovered back in 2016, it has taken Ninebot some time to properly address the issues they presented. Three major flaws were identified by researcher Thomas Kilbridge. The first one would allow anyone in the world to connect to a Segway hoverboard via Bluetooth without any problems. Bluetooth allows users to exchange data and information, which poses a massive security risk. What made this connection possible was the default Bluetooth access PIN used by Segway hoverboards. Thankfully, that issue is now resolved.

The second issue allowed attackers to trick hoverboards into downloading malicious firmware updates. Since there was no checksum to validate the integrity of these firmware updates, the hardware would download and install the software without any problems. The final vulnerability affected the mobile Segway companion app, which displays locations of nearby Segway users. This could be used by attackers to target other vulnerable hoverboards. Displaying these locations was a breach of user privacy and probably should not have existed in the first place.

Exploiting any of those weaknesses could have ultimately led to the stealing of Segway hoverboards. The devices could have been controlled remotely to move away from their owners and park in a specified location where they could have been picked up by hackers. Attackers could have overridden security measures as well, allowing the machines to overheat. They could have caused physical harm as well, by making hoverboards speed up or brake when the users did not expect it.

In the end, it is good to see Ninebot finally having addressed these issues, though they took more time than expected. Segway hoverboards have become rather popular all over the world. It is now up to device owners to manually update their firmware, as this is not automatic. Until owners completes this update, their Segway hoverboards will remain susceptible to these types of attack.  The video below showcases these vulnerabilities and how they can impact the hardware.

JP Buntinx

JP Buntinx is a FinTech and Bitcoin enthusiast living in Belgium. His passion for finance and technology made him one of the world's leading freelance Bitcoin writers, and he aims to achieve the same level of respect in the FinTech sector.

Recent Posts

League of Legends PH Client Facilitated Cryptojacking Due to Modified Code

Popular online games have always been a prone target for criminals and hackers. Although these incidents are usually aimed at…

52 mins ago

What Is CoinMarketAlert?

Tracking cryptocurrency prices can be done in many ways. Most enthusiasts rely on various mobile or desktop applications to do…

2 hours ago

One Seemingly Useless Smart Contract Causes Major Ethereum Blockchain Bloat

Even though the Ethereum network is receiving some scaling upgrades, network issues still tend to pop up now and then.…

3 hours ago

JiojioMe Unleashes Social Network Revolution for Digital Ad Industry through Blockchain Technology

Mobile advertising marketplace, JiojioMe, is fueling a new, vibrant ecosystem for the digital ad industry through the platform's pioneering currency,…

3 hours ago

What Is Swixer?

There is a growing need on the part of cryptocurrency enthusiasts to convert between various currencies on the fly. Coin…

4 hours ago

Former Finance Minister of Malta Joins QuickX’s Advisory Board

Disruptive as it is, blockchain and its accompanying cryptocurrencies are seen as anti-establishment and a threat to the traditional financial…

4 hours ago