Cellmate chastity gadget hack thwarted by screwdriver trick

The maker of a male chastity toy that was vulnerable to a hack attack has suggested the device can be easily removed with a screwdriver.

Researchers found a flaw in Cellmate’s app that could have let hackers simultaneously remotely lock all the devices in use, with no manual release.

Now the Chinese firm has defended the product, saying it can be cracked open.

It added that anybody trapped in their chastity toy could also call its customer hotline to be released.

The flaw was found by security firm Pen Test Partners, which shared its findings with Guandong-based Qiui, which makes the Cellmate toy.

As well as being able to lock devices, the researchers discovered a way to fool the server into disclosing the registered name of each device owner, among other personal details, as well as the co-ordinates of every location from where the app had been used.

The researchers shared what they had found with the company, and made their findings public when one of the underlying issues was not fixed.

Qiui has now defended its product, saying: “Wearing a traditional chastity cage – often made of steel – with a classic padlock is much riskier.”

It said the global coronavirus pandemic had delayed its software development, but said it had submitted an updated version of its software to Apple and Google’s app stores.

It rejected suggestions that users could have been trapped by the chastity device, if it had been hacked.

“Although an ‘unpermitted escape’ is not part of the rules of the game, the Cellmate has two emergency escape possibilities,” said Jake Guo, chief executive of Qiui.

As well as contacting the company’s hotline or social media team to trigger an override, it suggested wearers could also “break open the Cellmate cap” using a screwdriver.

To reveal

Cellmate: Male chastity gadget hack could lock users in

Image copyright

Pen Test Partners

Image caption

The Cellmate has been sold via several big-name online retailers as well as niche stores

A security flaw in a hi-tech chastity belt for men made it possible for hackers to remotely lock all the devices in use simultaneously.

The internet-linked sheath has no manual override, so owners might have been faced with the prospect of having to use a grinder or bolt cutter to free themselves from its metal clamp.

The sex toy’s app has been fixed by its Chinese developer after a team of UK security professionals flagged the bug.

They have also published a workaround.

This could be useful to anyone still using the old version of the app who finds themselves locked in as a result of an attacker making use of the revelation.

Any other attempt to cut through the device’s plastic body poses a risk of harm.

Image copyright

Pen Test Partners

Image caption

The workaround involves prising open the circuit board and pressing batteries against two of the wires to trigger a motor

Pen Test Partners (PTP) – the Buckingham-based cyber-security firm involved – has a reputation for bringing quirky discoveries to light, including problems with other sex toys in the past.

It says the latest discovery indicates that the makers of “smart” adult-themed products still have lessons to learn.

“The problem is that manufacturers of these other toys sometimes rush their products to market,” commented Alex Lomas, a researcher at the firm.

“Most times the problem is a disclosure of sensitive personal data, but in this case, you can get physically locked in.”

Lock and clamp

Qiui’s Cellmate Chastity Cage is sold online for about $190 (£145) and is marketed as a way for owners to give a partner control over access to their body.