A suspected cyber-enabled fraud targeting e-rickshaw drivers has come under investigation in Madhya Pradesh after police alleged that a mobile application was used to remotely lock Battery Management Systems (BMS), forcing drivers to seek paid assistance to restart their vehicles.
Police in Ujjain have arrested one suspect, while similar complaints have also surfaced from Bhopal, raising concerns over the cybersecurity of connected electric vehicles and the protection of Bluetooth-enabled control systems.
Repeated Breakdowns Raised Suspicion Among Drivers
According to investigators, more than half a dozen e-rickshaws in Ujjain reportedly stopped functioning unexpectedly over the past few days while they were in operation.
Drivers alleged that shortly after each breakdown, a young man would arrive at the location, introduce himself as a mechanic and restore the vehicle's functionality within minutes after collecting approximately ₹300.
The recurring pattern prompted members of the local E-Rickshaw Association to suspect organised misconduct, following which a complaint was submitted to the police.
Suspect Arrested After Driver Alerted Police
Police advised drivers to remain vigilant and immediately report any suspicious activity.
On Wednesday evening, an e-rickshaw reportedly became inoperative near Loti School Square. Soon afterwards, a man allegedly approached the driver and demanded ₹300 to repair the vehicle.
Instead of making the payment, the driver detained the individual and handed him over to the police for questioning.
Investigators later identified the suspect as 18-year-old Ritesh Bhanupa.
Police Examine Alleged Battery Management System Exploitation
During the investigation, police alleged that the suspect used the BAT BMS mobile application to establish Bluetooth connectivity with nearby e-rickshaw Battery Management Systems.
According to investigators, if the affected BMS lacked password protection, the suspect was allegedly able to remotely lock the battery through the application and later unlock it after collecting money from the driver.
Authorities are currently examining whether vulnerabilities within the Battery Management Systems made the vehicles susceptible to such unauthorised access.
Police are also investigating whether other publicly available applications, including Xiaoxiang, may have been used in a similar manner.
Similar Complaints Surface in Bhopal
Several e-rickshaw drivers in Bhopal's old city have also claimed that their batteries unexpectedly became locked while operating their vehicles, causing breakdowns during passenger trips.
Some drivers alleged they were later charged by service centres to restore battery functionality. These claims, however, have not been independently verified by authorities.
Investigators are now assessing whether the reported incidents share a common technical pattern or involve separate causes.
Cybersecurity Experts Highlight Growing Risks for Connected Vehicles
Cybersecurity experts say the incident reflects the increasing security challenges associated with internet-connected and Bluetooth-enabled devices.
According to experts, connected vehicles equipped with poorly secured Bluetooth interfaces or weak authentication mechanisms may become vulnerable to unauthorised access if appropriate cybersecurity measures are not implemented.
Vehicle owners have been advised to enable strong Bluetooth passwords, regularly update device firmware, rely only on authorised service centres and avoid making payments to unknown individuals claiming to offer immediate technical assistance.
Businesses involved in connected mobility technologies can further strengthen operational security through regular cybersecurity assessments and auditing services in india, helping identify technical vulnerabilities before they can be exploited.
Police Continue Investigation
Police have registered a case and are continuing their investigation to determine how many drivers may have been affected and whether additional individuals were involved.
Authorities are analysing the applications, digital evidence and technical configurations of the affected Battery Management Systems to understand the alleged method used to disable the vehicles.
Drivers have also been advised to contact authorised manufacturers or police officials if their vehicles suddenly stop functioning under suspicious circumstances.
Conclusion
The alleged e-rickshaw battery locking scam highlights how connected technologies can create new opportunities for cyber-enabled fraud when security controls are inadequate. As electric mobility continues to expand across India, manufacturers, service providers and users alike will need to prioritise cybersecurity alongside physical safety.
The ongoing investigation is expected to provide greater clarity on whether software vulnerabilities, weak authentication or deliberate misuse of publicly available applications enabled the alleged incidents.
Shunyatax Global Insight
As vehicles become increasingly connected through Bluetooth, mobile applications and IoT-enabled control systems, cybersecurity is emerging as an essential aspect of transportation safety. Weak authentication, unsecured device configurations and inadequate software controls can expose both consumers and businesses to financial loss and operational disruption.
Shunyatax Global believes manufacturers, fleet operators and technology providers should conduct regular cybersecurity risk assessments, software audits and compliance reviews to identify vulnerabilities before they are exploited. Independent auditing services in india can play a vital role in evaluating internal security controls, strengthening governance frameworks and ensuring connected technologies remain resilient against evolving cyber threats.