unilad
Advert

Hackers Trap People In Their Smart Chasity Belt For Days

by : Freelancer One on : 07 Oct 2020 10:00
Qiui's Smart Chastity BeltPen Test Partners

It has emerged that the world’s first ‘smart’ app-enabled chastity belt has been vulnerable to hacking for months, as users report grim injuries after being locked in by cyber criminals.

The Qiui Cellmate chastity cage is exactly what you think – a cage for a man’s genitals that can be locked and unlocked at the push of a button within the accompanying app. But users have been reporting issues since June to Pen Test Partners, a UK-based cyber security testing company, and due to ‘multiple API flaws’, anyone could hack all the devices and prevent users from releasing themselves.

Advert

Is this too grim a story for a Wednesday morning?

Pen Test Partners MemePen Test Partners

Men, look away now – Pen Test Partners said the only way a user’s treasure could be released from the cage was by either the hacker choosing to unlock the device or by using ‘an angle grinder or similar’.

Speaking to TechCrunch, one user said ‘the app stopped working completely after three days and I am stuck’, while another said they ‘got already stuck twice when wearing it due to the unreliable app’.

Advert

Another user said:

It worked for about a month until I almost got stuck in it. Thankfully it unlocked itself randomly and I was able to get out of it. The device left a bad scar that took nearly a month of recovery.

Exploiting the API flaw – an API acts as a messenger of data between two devices – hackers could intercept code that not only allowed them to seize control of the cage, but also discover other sensitive information such as the user’s location, the password used for the app, and other personal information.

Advert
News

Hackers Are Now Holding People Trapped In Smart Chastity Belts To Ransom

published ata year ago

Pen Test Partners approached the product manufacturer before going public this week. The first contact was made in April 2020 with the product’s technical team, who promised a fix by June 6.

Come June 11, the accompanying app launched an update that fixed most of the issues, but faulty APIs were still active and returning user’s locations. Pen Test Partners then contacted the technical team again regarding the residual issues, to which they offered no response.

They then partnered with a journalist to get the issue fixed. They received a reply this time but were told by the team they only had a small budget and didn’t want to – or couldn’t – fix the remaining issue. Pen Test Partners even offered potential fixes for the team, free of charge, and translated into Chinese for their benefit; there was no response.

Pen Test Partners Circuit BoardPen Test Partners
Advert

Pen Test Partners decided to go public after getting UK retailers to stop selling the product and encountering other researchers who had been dealing with company regarding similar issues. These other researchers had equally difficult experiences with Qiui.

The cyber security researchers also published their own workarounds for anyone still experiencing issues with the device. The best method involved prizing the circuit board out of the device and using two AA batteries to power the unlock mechanism.

If you have a story you want to tell, send it to UNILAD via [email protected]

Most Read StoriesMost Read

News

Doomsday Clock Strikes 100 Seconds To Midnight Again

Topics: News, App, Cyber Security, danger, Hacking, Now, Privacy

Credits

TechCrunch
  1. TechCrunch

    Security flaw left 'smart' chastity sex toy users at risk of permanent lock-in