Marco Casagrande’s presentation of our E-Spoofer paper about Xiaomi e-scooters' security and privacy recorded at ACM WiSec'23
Marco Casagrande presented at WiSec'23 our paper titled: E-Spoofer: Attacking and Defending Xiaomi Electric Scooter Ecosystem.
In a nutshell, we reverse-engineered the proprietary wireless protocols used by Xiaomi e-scooters and companions applications (i.e., Mi Home) over BLE, found critical vulnerabilities, exploited them to get arbitrary read and write capabilities on an e-scooter both in proximity and remotely (via a malicious Android app), developed concrete countermeasures, released a toolkit to reproduce our findings and tamper with the protocols, and responsibly disclosed our results to Xiaomi.