REGISTER
Cart

COMMSEC: Hardware Backdooring an eScooter

REGISTER

Date

August 24, 2023

Time

17:00

Track

CommSec Track

In this talk, we are going to talk about ECU vulnerabilities in e-scooters. Our target is Indian OEM, though similar or  same vulnerabilities can be found in other e-scooters, We are going to demonstrate the attack where we took control of an e-scooter with the help of a hardware implant attack. The devices used in this research  is cheap to make and cost-effective.

We will show you how we reverse-engineered all functionality of the e-scooter with respect to CANBUS messages and created a hardware implant to install inside the scooter allowing remote access.

Our talk covers:

  • Basic information on E-scooter architecture and Safety Functionality
  • Different OEMs in India and their standpoints in market
  • TARA analysis of ECU with respect to E-Scooters level
  • Attack demos

Arun Mane

Founder & CEO

Amynasec Labs

Arun Mane is a Founder and CEO of Amynasec Labs company which is specialized in Vehicle/Iot/ICS and he is also Hardware, IOT, and ICS Security Researcher.
His areas of interest are Hardware Security, SCADA, Automotive security, Fault Injection, RF protocols, and Firmware Reverse Engineering. He also has experience in performing Security Audits (iso 62443, iso 21434, Nist frameworks) for both Government and private clients.
He has presented a talk at the nullcon 2016,2017,2018 Goa, GNUnify 2017, Defcamp 2017, 2018,2019 Romania, Hacktivity 2019 Budapest, Rootcon 2020 Philippines, BsidesDelhi 2017, c0c0n x 2017,2019, BSides Ahmedabad 2021, EFY 2018, x33fcon2018,2019,2021, BlackHat USA 2018, Defcon USA 2018, OWASP Seasides 2019 Go, HITB Red team Village 2020.
He is also a trainer for Practical Industrial Control Systems (ICS) hacking training, delivered in x33fcon2018,2019, HIP 2018, and also delivered training for IoT hacking in HITB 2017, HIP 2017, BlackHat Asia 2018, and private clients in London, Australia, Sweden, Netherlands, etc. Currently giving training on Exploiting IIOT, Reversing and exploiting Vehicles. He is an active member of the null open community.

SUPPORTING ORGANIZATION

COMMSEC TRACK SPONSOR

CTF & CTF PRIZE SPONSOR

TCP/IP RECEPTION SPONSOR

SPEAKERS DINNER BY

POST CONFERENCE RECEPTION SPONSOR

EXHIBITOR

CRESTnew-logo-2

VILLAGES

RRG-Logo.png
hardwareninja.png

FRIENDS OF HITB

HACK IN THE BOX PTE LTD

Level 36, Menara Maxis,

Kuala Lumpur City Center,

50088 Kuala Lumpur,

Malaysia

Facebook Twitter Youtube