Hacker ‘locks up victims’ PENISES’ using ‘smart’ chastity cages – and demands $750 ransom
A HACKER has reportedly attempted to trap the penises of people using internet-controlled chastity cages and demanded a ransom.
The cybercriminal was said to ask for Bitcoin to be sent to them before they would consider releasing victims from the Cellmate contraption.
Dubbed the Qiui Cellmate, the sex toy is billed as the "world’s first app controlled chastity device" and is reportedly used by tens of thousands of people across the globe.
The wearer's penis is placed inside a metal tube which can then be locked or freed from a ring that sits at the base of the genitals.
By connecting the toy to a phone via Bluetooth, a partner can control it with the push of a button on a connected app.
Tech like this is said to be a popular BDSM accessory.
According to , there have been several victims of the chastity belt hack.
One person told the publication that the hacker told them: “Your cock is mine now".
Luckily, non of the victims who spoke to Motherboard said they were wearing their Cellmate sex toy at the time.
The hacker was said to be after $750 worth of cryptocurrency.
It's unclear how many people were targeted in the attack.
A security flaw on the Cellmate app was first noticed in October 2020.
It was spotted by researchers at Brit cyber security firm Pen Test Partners, who published their in a blog post.
"Remote attackers could prevent the Bluetooth lock from being opened, permanently locking the user in the device" researcher Alex Lomas said.
"There is no physical unlock. An angle grinder or other suitable heavy tool would be required to cut the wearer free."
The flaw found was linked to the smartphone app that connects to the Cellmate, Alex said.
The app communicates with the sex toy's lock using an API, a piece of software that allows two bits of tech to talk to one another.
However, Qiui, the China-based firm behind the toy, did not ensure the API was secured with a username and password, exposing it to almost anyone.
Alex said an attacker could easily lock “everyone in or out” in an instant.
"There is no emergency override function either, so if you’re locked in there’s no way out," he wrote last year.
Since the flaw was made public it was arguably only a matter of time before someone tried to exploit it.
We have reached out to Qiui, the device's maker, for comment.
How to stay safe from hackers
- Protect your devices and networks by keeping them up to date: use the latest supported versions, use anti-virus and scan regularly to guard against known malware threats.
- Use multi-factor authentication to reduce the impact of password compromises.
- Tell staff how to report suspected phishing emails, and ensure they feel confident to do so, investigate their reports promptly and thoroughly.
- Set up a security monitoring capability so you are collecting the data that will be needed to analyse network intrusions
- Prevent and detect lateral movement in your organisation’s networks.
Most read in Phones & Gadgets
In other news, a new tool called "Bufferi.ng" claims it can help people fake a bad video call connection so you can take a break from meetings.
A WhatsApp bug could let total strangers join your group chats and steal your phone number.
READ MORE SUN STORIES
And, Donald Trump has banned eight major Chinese apps from operating in the United States as part of efforts to protect national security.
What are your thoughts on the chastity cage hacking? Let us know in the comments...
We pay for your stories! Do you have a story for The Sun Online Tech & Science team? Email us at [email protected]