🏠 News Empire
tech

Bluetooth battery hack: E-rickshaw vulnerability exposes deeper tech issues

Published on: 06 Jul 2026, 10:01 AM
Bluetooth battery hack: E-rickshaw vulnerability exposes deeper tech issues

Over the last week, social media has been flooded with videos showing individuals using mobile applications such as BAT-BMS, Lossigy, and Epoch-i-ion to wirelessly disable e-rickshaw batteries via Bluetooth. While many shared these videos as 'pranks,' others speculated that the apps were designed for sabotage by Chinese manufacturers. However, the reality is less dramatic but still concerning.

Applications like BAT-BMS are intended for fleet owners and technicians to diagnose battery problems, such as overvoltage or undervoltage, without needing to disassemble the vehicle. These apps communicate with Bluetooth-enabled battery management systems (BMS) common in e-rickshaws. A known vulnerability in BMS modules manufactured by Chinese company Jiabaida—documented on GitHub as early as seven years ago—lacks proper authentication, allowing anyone with the app to connect and disable the battery.

This security flaw has been exploited by pranksters, but the apps themselves are not malicious. They are diagnostic tools that search for specific BMS modules and provide basic functions. The vulnerability lies in the hardware, not the software.

The incident highlights deeper issues in India's e-rickshaw ecosystem. Most components, including batteries and electronics, are imported from China. Local manufacturers assemble the frames but rely heavily on imported parts with little oversight. This creates potential security risks when vulnerable components are widely deployed.

In response to the viral videos, the Indian government directed Google and Apple to remove several battery management apps from their app stores. This approach—restricting access to tools rather than addressing the underlying hardware vulnerabilities—has been criticized as treating the symptom rather than the cause. Similar reasoning was used earlier when Telegram was blocked during exam-related fraud concerns.

Experts argue that a more effective response would be to mandate security standards for imported BMS modules and encourage manufacturers to update firmware or add authentication. Simply removing diagnostic apps may reduce immediate misuse but leaves the fundamental issue unresolved.

As e-rickshaws become more common in Indian cities, ensuring the security of their components is crucial. This incident is a reminder that importing technology without adequate security checks can lead to vulnerabilities that affect public safety.

Latest in Tech 10
Cybercrime’s New Frontier: Fraud-as-a-Service Grows as a Subscription Model
tech

Cybercrime’s New Frontier: Fraud-as-a-Service Grows as a Subscription Model

Cybercrime is increasingly operating on a subscription model called fraud-as-a-service (FaaS), offering tools like phishing kits and ransomware for a fee. This trend lowers the barrier for entry, making sophisticated attacks accessible to low-skilled criminals. Experts call for stronger cybersecurity measures and international cooperation to counter the growing threat.

Times of India 06 Jul 2026, 05:02 AM
Read More →
I&B Ministry Warns Telegram Over Piracy: Proactive Action Required
tech

I&B Ministry Warns Telegram Over Piracy: Proactive Action Required

The I&B Ministry has sent a fresh notice to Telegram, demanding proactive action against pirated content and warning of legal consequences. Telegram has 15 days to submit a report on its content takedown measures. This follows previous scrutiny over the platform's alleged involvement in the NEET-UG paper leak.

The Hindu 04 Jul 2026, 08:19 AM
Read More →
→ View All Tech News