Chastity belt glitch allows hackers to remotely ‘lock everybody in’

An electronic chastity belt product contained a bug that could allow would-be hackers to “lock everybody in” at the same time, a cyber-security firm has said.

The Chinese developer of the sex toy has now fixed its app, reports the BBC; however, those using the old version of the app could stilll be at risk, although Buckingham-based group the Pen Test Partners (PTP), who made the initial discovery, have published a workaround.

The Cellmate Chastity Cage by Qiui currently retails here for $189.00 (£147).

Speaking to Attitude, PTP’s Alex lomas said: “My advice would probably be to stop wearing the device for now, until Qiui have an opportunity to fully fix the issues. As Qiui noted in their statement to Techcrunch ‘When we fix it, it creates more problems’ so I’d be inclined to wait until they get things sorted.

“The bigger issue of course is that Qiui hold a large amount of intimate and personal data, including users’ locations, and really there’s not much that users can do about this until Qiui address the vulnerabilities. We’ve heard from one of their users that they’ve been waiting for months for Qiui to even acknowledge a request to delete their account and data as well.

“The issues with this product aren’t particularly specific to ‘smart’ sex toys, we find similar issues with smart watches, garage door openers, even wifi-enabled kettles, but the bigger problem with sex toys (and dating apps) is that they’re handling very sensitive information and putting people’s physical safety at risk. I do feel that vendors in this space should be held to a higher standard than say an internet-connected light bulb.”

“You give permission to lock to someone you trust”

Explaining the issue on a YouTube video, PTP’s Ken Munro said: “Over the years we’ve looked at a number of smart adult toys, raising concerns.

“My esteemed colleague Alex Lomas […] has been looking at this device, which is wonderful: a male chastity device. The idea is you put the appendage in here, you put a clamp on behind the testicles and you’re then well and truly locked in.

“It’s smart, so it’s locked under Bluetooth, so you can use a smartphone to lock it. There’s a mobile app, an API.

“Then, being a chastity device, you then give permission to lock to someone you trust, who then has control over your… device.

“Unfortunately Alex found an insecure direct object reference in the API. It meant he could take over everyone’s chastity device and lock everybody in.

“Believe it or not there’s no manual unlock, key or override. The only way to get out is to cut through this, which is hardened steel and given where it’s a that’s going to be quite difficult to get yourself out of.

“Now, it’s not for us to kink-shame. If people want to use these devices that’s absolutely fine with us. I just think people should be able to use these securely and safely.”

Munro added: “Unfortunately many adult toys are let down by their lack of attention to security which really exposes their users.”

PTP also shared the long history of their correspondance with QIUI on the matter.

Attitude has approached QIUI for comment.