SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
Hackers in your bedroom: Hackers targeting smart sex toys
Thu, 31st Dec 2020
FYI, this story is more than a year old

New research has revealed hackers have the ability to not only get into a person's computer, but also into smart sex devices.

A group of researchers reported vulnerabilities in an internet-enabled male chastity cage. This is not the first time adult sex toys or intimate tools are found vulnerable. In 2018, at least 50,000 users were exposed by the sex toy “Vibratissimo Panty Buster”.

“Smart devices are wading into every facet of our lives. Unfortunately, because of that, what once sounded like a plot for a science fiction movie has now become a reality. We've all heard about hacked baby monitors, cars, light bulbs, and toys. It seems that the time has come for intimate appliances as well. There's even a word for such appliances — teledildonics,” explains Daniel Markuson, a digital privacy expert at NordVPN.

The Cellmate Chastity Cage, which costs almost 200$, was dubbed “the world's first app-controlled chastity device.” However, this niche IoT product and its app have so many security vulnerabilities that hackers can take permanent control over the device and trap the victim's genitals. Even more concerning is the fact that wrongdoers can do this remotely.

Another famous vulnerability of a teledildonic tool was found in 2018. Back then, the private sex life of at least 50,000 users had been exposed by the sex toy “Vibratissimo Panty Buster”. Multiple vulnerabilities put at risk not only the privacy and data but also the physical safety of the owners. All the customers' data was accessible via the internet in clear text, including explicit images, chats, sexual preferences, emails, and passwords. But that's not the worst part of it. The “Panty Buster” toys could be hacked to remotely inflict sexual pleasure on victims without their consent.

Markuson says most internet-connected devices lack the security features that are standard in computers, tablets, and even smartphones.

That's why before bringing any IoT device home, be it a new sex toy or a smart thermostat, you should always consider whether it's “smartness” really benefits you.

“Of course, this doesn't mean that if something can be hacked, it will be, but staying cautious can do no harm. If you are planning to buy a smart device, especially if it's teledildonic, do your research," Markuson says.

"Check users' reviews, comments, and even articles in the media. If the device is flawed, there's a good chance that someone's already noticed that."

Another important step, according to Markuson, is to change the default factory passwords.

“Do this the moment you unbox your new smart device. And don't forget that all your passwords must be unique and strong. This means that you should create them with capital letters, numbers, and symbols," he says.

The final advice is keeping up with updates. Manufacturers often release updates that fix critical security vulnerabilities, and it's important to install those updates as soon as they're available.