Government Forces Removal of Malicious Apps Hijacking Electric Rickshaw Batteries
DNI SUMMARY — KEY POINTS
- The Indian government has officially ordered the removal of three Chinese applications from major app stores after they were used to remotely disable electric rickshaws.
- Viral videos circulated online showing pranksters using the BAT-BMS application to cut power to moving vehicles, causing significant public safety concerns and traffic disruptions.
- IT Secretary S Krishnan confirmed that the ministry of electronics and IT is demanding stricter due diligence from platform providers like Google and Apple.
- These applications were originally intended to monitor battery health but lacked necessary password protection, allowing unauthorized users to gain control via Bluetooth connections.
- Officials have warned that any additional applications found to be facilitating similar malicious activities will face immediate blocking and further regulatory scrutiny.
Government authorities have launched a decisive crackdown on digital tools being exploited to compromise public transport security across the country. The directive mandates the immediate removal of BAT-BMS, Lossigy, and Epoch-i-ion from global application marketplaces following reports of remote vehicle interference. These tools, which were designed to provide legitimate battery telemetry, have become conduits for mischief and potential danger. As digital infrastructure becomes increasingly intertwined with daily commuting, the vulnerability of connected vehicle management systems has emerged as a significant point of policy friction for officials.
Security Risks in Transportation
The surge in popularity of these mobile interfaces stems from the integration of Bluetooth connectivity in cost-effective lithium-ion battery packs found in the mass market. While these systems offer drivers real-time diagnostics regarding cell voltage and thermal performance, the lack of robust security protocols creates an open door for exploitation. Users who possess basic technical knowledge can scan the immediate vicinity for unsecured devices and establish a command link within a short range. This accessibility has turned standard maintenance software into a weapon for those seeking cheap thrills at the expense of infrastructure stability.
Viral social media content has brought the issue into sharp focus, showcasing instances where unsuspecting drivers were stranded mid-transit. The sight of vehicles stalling on busy thoroughfares prompted an urgent intervention from the Ministry of Electronics and IT to prevent further incidents. Content creators have been documented using the interface to cut off power, leaving passengers confused and drivers struggling to push heavy equipment to the side of the road. These disruptions have highlighted the urgent need for manufacturers to adopt stringent cybersecurity standards for all connected hardware components.
The government ordered the removal of BAT-BMS, Lossigy, and Epoch-i-ion after reports of remote e-rickshaw shutdowns.
Pressure on Digital Platforms
Government officials are now emphasizing the requirement for digital platforms to implement more rigorous safety screenings before hosting third-party software. During recent industry summits, IT Secretary S Krishnan underscored that store operators must exercise enhanced due diligence to ensure that potentially harmful programs are intercepted before they reach consumers. This stance reflects a broader shift in national policy toward enforcing accountability on multinational tech giants. The goal is to establish a comprehensive framework that discourages the distribution of tools prone to being repurposed for public nuisance or malicious intent.
Security experts warn that the current situation underscores the perils of deploying hardware without sufficient authentication layers. The Shenzhen Grenergy Technology application allows for control over charging and discharging functions, which is intended to protect battery longevity but presents obvious risks if mismanaged. When hardware is shipped with default or non-existent password protection, it remains susceptible to anyone with a smartphone in the immediate vicinity. This incident serves as a wake-up call for the entire electric vehicle supply chain to prioritize user security alongside technical performance specifications.
Drivers Facing Unexpected Shutdowns
Local transport authorities in major urban hubs have initiated investigations into the safety implications of these digital vulnerabilities. Delhi transport officials have categorized the incidents as a serious matter of security that threatens the efficiency of public transit systems. Because e-rickshaws provide essential last-mile connectivity for thousands of residents, ensuring they remain operational without fear of remote tampering is a top priority. The department is coordinating with cybersecurity units to identify other potentially compromised applications that might still be active on the network.
Legitimate battery monitoring tools were exploited by pranksters who bypassed weak Bluetooth security protections on low-cost battery packs.
The response from app stores has been under intense scrutiny as users reported that some versions of the software remained accessible even after initial warnings were issued. This lag in enforcement raises questions about the speed at which Google and other providers can mitigate localized digital threats. Effective governance in the age of internet-connected hardware requires a rapid reaction time that keeps pace with evolving exploit methods. Regulators are now demanding tighter integration between hardware manufacturers and software providers to ensure that security updates can be pushed out instantly.
Future Policy on Digital Tools
Looking toward the future, the government appears prepared to implement a zero-tolerance policy for any software facilitating illegal interference with public mobility. Officials have warned that they will continue to track and neutralize any additional tools identified as posing a threat to transportation infrastructure. This focus on cybersecurity risks marks a turning point in how India manages the intersection of emerging technology and urban logistics. Moving forward, the emphasis will remain on ensuring that convenience does not come at the cost of safety or the reliable operation of essential public services.
KEY TAKEAWAYS
IT Secretary S Krishnan stated that app stores must exercise due diligence to prevent potentially harmful apps from being accessible to the public.
The compromised software allowed unauthorized users to instantly cut power to electric vehicles from a range of 10 to 15 metres.