Social media recently saw a surge of videos showing people remotely disabling electric rickshaws and loaders in India by accessing their battery management systems (BMS). These incidents, occurring over the past week, left drivers stranded and disrupted trips, raising alarms about the security of connected electric vehicle (EV) systems, according to inc42.com.

The BMS units communicate via popular mobile apps like BAT BMS, Lossigy, and Epoch Li-ion, some of which originate from China. These apps connect to the BMS over Bluetooth within a 10-15 metre range, allowing users to monitor battery health and other parameters. However, many budget EVs use BMS with weak authentication or default access settings, enabling anyone nearby to connect and issue commands that can disable the battery output, effectively immobilising the vehicle, inc42.com reported.

This vulnerability is not a traditional hack but an exploitation of poor access controls in the BMS software. Experts highlight that the lack of robust security measures in these embedded controllers exposes a significant risk to the growing EV market in India. The incident underscores the need for stronger security protocols in connected devices, especially as EV adoption accelerates, per inc42.com.

The episode has sparked discussions among industry stakeholders about improving authentication mechanisms in BMS units. The Bluetooth range limitation means physical proximity is required for such attacks, but the impact on drivers and vehicle operations is immediate and tangible, inc42.com noted.

Editorial standards. Reported and edited at Startupniti's news desk from the sources listed in the right rail. Every fact traces to a citation. If something looks wrong, write to corrections.