Back in 2015, there wasn’t a toy that was as cool as a Hoverboard. Everyone seemed to own one until a series of unfortunate events shone a light on the bad quality of the batteries that seemed to overheat and explode out of nowhere. There are still some companies that are trying to keep hoverboards in trend, like Segway, but with the price of being trendy comes the possibility of being hacked.
It is fairly known that any everyday object that is connected online is also practically waiting to get under a possible cyberattack. Anything and everything can be hacked, and yes, that includes smart vibrators.
One of the Segway’s latest models, Minipro, offers features that allow the user to connect your hoverboard toy to your phone via Bluetooth and control it through an app by hand.
Last year, IOActive’s researchers had come to find a way to hack the Bluetooth connection and take control over the MiniPro, which gave them access to control the hoverboard from up to 200 feet away. They published some of their results on Wednesday.
The point of hijacking a hoverboard has to be brought to question since there isn’t a lot a person can do with one. There isn’t a possibility to make the batteries overheat and explode since Segway made sure to fix that little issue as soon as possible with physical safety measures, which leaves the hack usable for pranksters ready to laugh on someone else’s account.
Thomas Kilbride has a vivid imagination and was able to imagine a situation where a person would be riding a hoverboard and the hacker would make it come to an abrupt stop, causing the rider to fly into the ground face first. An addition of a coffee cup in hand would certainly spice things up a bit. Kilbride also told us that because the hoverboard is being controlled by Bluetooth and Bluetooth cannot be turned off in a hoverboard, there would be no way to escape these possible attacks.
When asked to comment, Segway did not respond.
IOActive’s researchers fiddled with the toy’s app code and discovered how easy it is to take control over the hoverboard, without any need for authentification. This way, a PIN lock for the app could be changed, giving them full access to hoverboard’s controls.
They could change the speed of the toy, make it stop suddenly while someone’s on it. Hackers could also track the person riding the hoverboard through the app. It records location of the toy by GPS, making it easy to find the hoverboard on the map.
IOActive informed Segway of their findings in December, and the company has fixed the issued by April. So, technically, the mass hijacking of hoverboards won’t happen soon.