Government blocks Chinese apps used to remotely disable e-rickshaws
The Union government on Friday issued orders to block certain battery management apps after reports emerged that users were remotely disabling e-rickshaws while they were transporting passengers, an official said.
The apps, mostly developed by Chinese firms, are designed for legitimate battery owners but were being misused. The developers of three apps—Shenzhen Grenergy Technology, Shenzhen Ruichuang Lineng Technology, and Daly BMS—did not respond to queries.
It is unclear if banning the apps will fully eliminate the vulnerability, as they do not require internet access to hijack and shut off battery units without a password or PIN. Current testing standards for e-rickshaw certification do not include cybersecurity requirements.
Lithium-ion battery packs include battery management systems to monitor charge, voltage, temperature, and cell health. Videos on social media showing rickshaws suddenly stopping went viral this week.
A senior official noted that stranding vehicles in this manner is a punishable offence under criminal mischief laws.
In Ujjain, Madhya Pradesh, police arrested a person demanding money from e-rickshaw drivers after using the exploit to disable their vehicles. Neel Ganga Police Station in-charge Tarun Kuril said the racket came to light following an extortion incident at Loti Tiraha.
“We received information that an auto-rickshaw driver’s vehicle had stalled at Loti Tiraha, and a young man charged him ₹200 under the pretext of fixing it. Upon inquiry, the driver revealed that e-rickshaws in the city are being shut down remotely—their batteries disabled via a mobile app. Some miscreants use this app to immobilise the vehicles and then demand money to restart them,” Mr. Kuril said.
The government's action aims to address the immediate threat while broader cybersecurity standards for electric vehicles are under consideration.