Network Security, Patch/Configuration Management, Vulnerability Management

Researchers find electric skateboards prone to remote exploit

A pair of researchers developed an exploit that allows them to override the user controls of electric skateboards made by the company Boosted.

Richard Healey and Mike Ryan developed an attack, dubbed Faceplant, which allows an attacker to gain control the board's speed, direction, braking system and even upload arbitrary code, according to Wired.   

The duo discovered that manufactures did not encrypt the connection between the board and its remote controller after Healey's own electric board was forced to stop by a flood of Bluetooth interference signals.

Healey and Ryan reported their findings to Boosted last September but the company has yet to issue a patch. Boosted did inform the researchers that it will have a mitigation technique in place before the duo gives a presentation on the exploit at the DEF CON 2015 Conference this Saturday.

The duo also found critical vulnerabilities in boards made by Revo and Yuneec that stemmed from a lack of encryption.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.