Forum

Major security flaw...
 
Share:
Notifications
Clear all

[Sticky] Major security flaw in Supersoco's App API


ctandi
Posts: 1
Topic starter
(@ctandi)
New Member
Joined: 1 week ago

Hi everyone,

I'm Andrijan Möcker, an editor for heise online (known German IT news portal) and c't Magazine, the biggest printed tech outlet in the DACH area. We have just published a report on a major security flaw regarding Supersoco's App feature and, since the issue is very likely affecting everyone having that GPRS module installed worldwide, also translated that report into English.

https://www.heise.de/hintergrund/Security-Flaw-Reveals-Location-of-Thousands-of-Electric-Vehicles-Phone-numbers-6032889.html

I'm posting on here because I suspect that we might not have the international range to let everyone affected know. Sadly, Supersoco doesn't want to cooperate with the IT security company VTRUST that found the flaw, so the description is only brief in order to not reveal too much to potential thieves. What I can say is that you as owners can't do anything but to remove the GPRS module to protect your bike.

I will try to answer questions on here as best as I can. If you are with a foreign press outlet and want to report on this, please feel free to contact me via amo@ct.de.

Cheers,
Andrijan

1 Reply
Oscar
Posts: 282
Admin
(@oscar)
Owner
Joined: 3 years ago

This is very concerning... hopefully Super Soco will do something. 
In the Netherlands is a company called GOsharing, this company rents the scooters per minute to share. But this would be bad for them if the app isn’t secure. Because as far as I know they use the same software to power on and gps etc.

Reply
Share: