Homepage News Details
Chinese Tsinghua University Researcher Finds Public Charger Vulnerabilities Could Paralyze Cities
2026-06-05 09:37
Favorite

en.Wedoany.com Reported - At the Black Hat Asia conference, Hetian Shi, a hardware and IoT security researcher at China's Tsinghua University, pointed out that developers of rental IoT infrastructure (such as public electric vehicle chargers and shared e-bikes) prioritize user convenience over security, leaving services vulnerable to large-scale denial-of-service attacks.

Shi stated that the characteristics of rental IoT services create unique security issues: anyone can access the devices and inspect vulnerabilities. The researcher probed with permission and responsibly disclosed his findings. He discovered that some rental devices contain debug ports or UART connectors, allowing educated attackers to easily examine their operation. His research also revealed shared authentication keys in device firmware and backend services that fail to properly verify users.

The researcher investigated applications released by rental IoT providers, which consumers use to access services. He again found weak security measures, enabling him to create virtual clients indistinguishable from real customers. Using virtual clients, attackers could charge cars or rent scooters at zero cost. Shi said the techniques he developed could also expose personal information by revealing the backend of rental IoT services.

He created a tool called "IDScope" that exploits many of the discovered vulnerabilities. During his presentation, he demonstrated by running an iOS app from a Chinese public EV charging station provider. Shi asked the audience to choose a Chinese city—Shanghai became a popular choice—then searched for available chargers at People's Square. He asked the audience to select which available charger to attack, noted its ID number in the app, and entered it into a script. Within one or two seconds, the charger's icon in the app changed from green (indicating available for charging) to gray (indicating a disabled port). The demonstration earned spontaneous applause from the audience.

Shi believes his techniques could also achieve denial of service on a significant scale, potentially paralyzing an entire city's EV charger network. The researcher tested 11 apps released by European shared bike and scooter providers and found similar issues, suggesting his findings would apply elsewhere. He speculated that the discovered vulnerabilities result from developers trying to build services users find convenient, at the expense of security.

This article is compiled by Wedoany. All AI citations must indicate the source as "Wedoany". If there is any infringement or other issues, please notify us promptly, and we will modify or delete it accordingly. Email: news@wedoany.com

China
Power Grid ProjectEnergy EngineeringInformation and CommunicationInformation Security and Data Security Engineering
Previous:Suriname's Telesur Selects Squire Technologies to Replace Ribbon SBC
Next:DXC, a US enterprise technology service provider, upgrades the technical infrastructure of If, a Nordic insurance group
Related Products
Negotiable
Unit SL3.X/160
Sinovel Wind Group Co., Ltd.
Negotiable
haohan Generation & Grid-side Energy Storage
BYD Energy Storage
Negotiable
One-Piece DC Charger
Weihai Guangtai Airport Equipment Co., Ltd.
Negotiable
220kV and Below Voltage Level Energy-saving Oil-immersed Power Transformers
FuZhou TianYu Electric Co., Ltd.
Negotiable
Forest and Grassland Heat Source Infrared Monitor
China Huayun Meteorological Technology Group Co., Ltd.
Negotiable
40.5kV-1100kV Gas Insulated Metal-Enclosed Switchgear (GIS)
Henan Pinggao Electric Co., Ltd.
Negotiable
Hydraulic Turbine Genset
Dongfang Electric Corporation Dongfang Electric Machinery Co., Ltd.
Negotiable
KYN28A-12 Metal Armored Removable Switchgear
Tianjin Ping Gao Intelligent Electric Co., Ltd.
Negotiable
Low Carbon Steel Shot
ZIBO TAA METAL TECHNOLOGY CO., LTD.
Negotiable
WJ-GP Gas Emergency Shut-off Valve
Zhejiang WEAJA Electronic Technology Co., Ltd.
Negotiable
Prefabricated Substation (Hua-style)
Shandong TaiLai Electric Co., Ltd.
Negotiable
Truck Power Series-Y24
GUANGXI YUCHAI MACHINERY CO.,LTD.
Related Recommendations
China's Weiheng Intelligence Launches AI-Native Energy Storage Operating System, Boosting Revenue by 8%-15%
2026-06-05
UAE's EtihadWE Invests AED 2 Billion Annually in Capacity Expansion and Upgrades
2026-06-05
U.S. Homeostasis Secures Saudi Aramco LAB7 Support to Advance Carbon-to-Graphite Technology
2026-06-05
Pakistan Issues Tender for 1 Million Tons of LNG to Meet Summer Power Demand
2026-06-05
Van Oord completes cable installation for Germany's 315 MW Windanker offshore wind farm
2026-06-05
Malaysia's Petronas Partners to Assess Offshore Block Recovery Enhancement
2026-06-05
Wärtsilä Secures 452 MW Contract and O&M Agreement for Pecos Power Plant in the US
2026-06-05
China's Internal Combustion Engine Sales Reach 4.7272 Million Units in April 2026, Up 9.01% Year-on-Year
2026-06-05
US Deep Fission Partners with D&Z to Build 15 MWe Underground Reactors
2026-06-05
China's Risen Energy Unveils New C&I Energy Storage Products at SNEC and Signs Agreements with Two State-Owned Enterprises
2026-06-05
Lastest Bulletin
1
US TiVo Ads Partners with Tunnl to Expand Local TV Viewership Data
2
Shenzhen, China to Kathmandu, Nepal Air Route Launched
3
MTN Zambia Deploys Huawei's Five-Band Indoor 5G Solution at Mulungushi Conference Center
4
India's Data Center Installed Capacity Expected to Reach 2GW by 2027, Edge Computing Deployment Accelerates
5
Highland Copper Plans Updated Feasibility Study for Copperwood Project by Q1 2027
6
Canada's Solstice Gold Discovers High-Grade Gold and Polymetallic Deposits
7
Nigeria Launches NUCAP Telecom Initiative, Deploying 3,700 Towers to Connect 20 Million People
8
Chinese dancer Wu Yufei advances to next round on America's Got Talent with eight Unitree robots, receiving unanimous votes
9
Shenzhen HOPERF Completes IPO Tutoring, Sprinting for A-Share Listing After Over Three Years
10
China's Weiheng Intelligence Launches AI-Native Energy Storage Operating System, Boosting Revenue by 8%-15%