A security flaw in an Internet-connected male chastity device could allow hackers to remotely lock it — leaving users trapped, researchers have said.
The Cellmate, produced by Chinese firm Qiui, is a cover that clamps on the base of the male genitals with a hardened steel ring, and does not have a physical key or manual override.
The locking mechanism is controlled with a smartphone app via Bluetooth — marketed as both an anti-cheating and a submission sex play device — but security researchers have found multiple flaws that leave it vulnerable to hacking.
“We discovered that remote attackers could prevent the Bluetooth lock from being opened, permanently locking the user in the device. There is no physical unlock,” British security firm Pen Test Partners (PTP) said on Tuesday. “An angle grinder or other suitable heavy tool would be required to cut the wearer free.”
The firm also found other security flaws in the Cellmate — listed for US$189 on Qiui’s Web site — that could expose sensitive user information such as names, telephone numbers, birthdays and location data.
“It wouldn’t take an attacker more than a couple of days to exfiltrate the entire user database and use it for blackmail or phishing,” PTP’s Alex Lomas wrote in the report on the device.
“A number of countries have oppressive laws that may expose users of these types of devices to unwarranted interest from law enforcement and bigots,” Lomas wrote.
Qiui did not immediately respond to a request for comment.
PTP said it reached out to Qiui in April, identifying the flaws.
Qiui fixed most of the issues by updating the software, but left the older version active and its users still vulnerable, PTP said, adding that other researchers had found similar issues.
Such smart sex toys and devices are among the wave of new “Internet of things” products and appliances introduced in the past few years that are online and capable of being operated remotely.
Their connectivity has also made them vulnerable to security breaches and privacy violations.
The Canadian maker of a smart vibrator agreed to a multimillion-dollar settlement in 2017 after it was sued for collecting sensitive user information, though it did not admit any wrongdoing.
Drug lord Jose Adolfo Macias Villamar, alias “Fito,” was Ecuador’s most-wanted fugitive before his arrest on Wednesday, more than a year after he escaped prison from where he commanded the country’s leading criminal gang. The former taxi driver turned crime boss became the prime target of law enforcement early last year after escaping from a prison in the southwestern port of Guayaquil. Ecuadoran President Daniel Noboa’s government released “wanted” posters with images of his face and offered US$1 million for information leading to his capture. In a country plagued by crime, members of Fito’s gang, Los Choneros, have responded with violence, using car
CYBERCRIME, TRAFFICKING: A ‘pattern of state failures’ allowed the billion-dollar industry to flourish, including failures to investigate human rights abuses, it said Human rights group Amnesty International yesterday accused Cambodia’s government of “deliberately ignoring” abuses by cybercrime gangs that have trafficked people from across the world, including children, into slavery at brutal scam compounds. The London-based group said in a report that it had identified 53 scam centers and dozens more suspected sites across the country, including in the Southeast Asian nation’s capital, Phnom Penh. The prison-like compounds were ringed by high fences with razor wire, guarded by armed men and staffed by trafficking victims forced to defraud people across the globe, with those inside subjected to punishments including shocks from electric batons, confinement
The team behind the long-awaited Vera Rubin Observatory in Chile yesterday published their first images, revealing breathtaking views of star-forming regions as well as distant galaxies. More than two decades in the making, the giant US-funded telescope sits perched at the summit of Cerro Pachon in central Chile, where dark skies and dry air provide ideal conditions for observing the cosmos. One of the debut images is a composite of 678 exposures taken over just seven hours, capturing the Trifid Nebula and the Lagoon Nebula — both several thousand light-years from Earth — glowing in vivid pinks against orange-red backdrops. The new image
Canada and the EU on Monday signed a defense and security pact as the transatlantic partners seek to better confront Russia, with worries over Washington’s reliability under US President Donald Trump. The deal was announced after a summit in Brussels between Canadian Prime Minister Mark Carney and European Commission President Ursula von der Leyen and European Council President Antonio Costa. “While NATO remains the cornerstone of our collective defense, this partnership will allow us to strengthen our preparedness ... to invest more and to invest smarter,” Costa told a news conference. “It opens new opportunities for companies on both sides of the
RSS