A new form of alleged cyber fraud targeting e-rickshaw drivers has surfaced in Madhya Pradesh, where investigators claim a suspect remotely disabled vehicles by accessing their Battery Management Systems (BMS) through a mobile application and then posed as a mechanic to charge ₹200–₹300 for restoring them. Police have arrested one suspect in Ujjain, while similar complaints have also emerged from Bhopal.
According to police, more than half a dozen e-rickshaws in Ujjain suddenly stopped while in operation over the past four to five days. In each case, a young man allegedly arrived shortly afterward, identified himself as a mechanic and restarted the vehicle within minutes after collecting ₹300. The repeated pattern raised suspicion among the E-rickshaw Association, which subsequently lodged a complaint with the police.
Following the complaint, police advised drivers to remain vigilant and report any suspicious individuals. On Wednesday evening, an e-rickshaw reportedly broke down near Loti School Square. Shortly afterward, a man demanded ₹300 to repair it. The driver detained him and handed him over to the police.
Registration Begins for FutureCrime Summit 2026, India’s Largest Cybercrime Conference
During interrogation, the suspect was identified as 18-year-old Ritesh Bhanupa. Police allege that he used the BAT BMS mobile application to connect via Bluetooth to the Battery Management Systems of nearby e-rickshaws. Investigators claim that if the BMS was not protected by a password, he remotely locked the vehicle and later unlocked it after collecting money from the driver.
Some drivers also claimed that e-rickshaws parked outside their homes suddenly failed to start. Others said they received an application from the manufacturer that enabled them to restart not only their own vehicles but also those of other drivers. One driver claimed he restarted 10 to 15 e-rickshaws within a 24-hour period using the same application.
In Bhopal’s old city, several e-rickshaw drivers also alleged that their batteries were locked through a mobile app, causing vehicles to stop midway during trips. The incidents reportedly inconvenienced both drivers and passengers and led to disputes at several locations. Some drivers further alleged that they were charged up to ₹400 at company service centres to unlock their batteries. These allegations have not been independently verified.
Police said the BAT BMS application is publicly available. Investigators are examining possible security vulnerabilities in the Battery Management Systems of the affected e-rickshaw models and how those weaknesses were allegedly exploited. Authorities are also investigating whether other applications, including Xiaoxiang, were similarly used.
Renowned cybercrime expert and former IPS officer Prof. Triveni Singh said internet-connected vehicles and smart devices are becoming an emerging target for cybercriminals. He noted that if a device’s Bluetooth interface or control system is not protected through strong passwords or secure authentication, it may be vulnerable to misuse. He advised e-rickshaw owners to enable strong Bluetooth passwords, rely only on authorised service centres for technical assistance and avoid making payments to unknown individuals claiming to repair their vehicles.
Police said a case has been registered and the investigation is underway. Authorities are attempting to determine how many e-rickshaw drivers were allegedly targeted and whether additional individuals were involved in the suspected cyber fraud. Drivers have been advised not to pay unknown persons if their vehicles suddenly stop functioning and instead contact the authorised company, service centre or the police for assistance.
