Cellmate chastity gadget hack thwarted by screwdriver trick

The maker of a male chastity toy that was vulnerable to a hack attack has suggested the device can be easily removed with a screwdriver.

Researchers found a flaw in Cellmate’s app that could have let hackers simultaneously remotely lock all the devices in use, with no manual release.

Now the Chinese firm has defended the product, saying it can be cracked open.

It added that anybody trapped in their chastity toy could also call its customer hotline to be released.

The flaw was found by security firm Pen Test Partners, which shared its findings with Guandong-based Qiui, which makes the Cellmate toy.

As well as being able to lock devices, the researchers discovered a way to fool the server into disclosing the registered name of each device owner, among other personal details, as well as the co-ordinates of every location from where the app had been used.

The researchers shared what they had found with the company, and made their findings public when one of the underlying issues was not fixed.

Qiui has now defended its product, saying: “Wearing a traditional chastity cage – often made of steel – with a classic padlock is much riskier.”

It said the global coronavirus pandemic had delayed its software development, but said it had submitted an updated version of its software to Apple and Google’s app stores.

It rejected suggestions that users could have been trapped by the chastity device, if it had been hacked.

“Although an ‘unpermitted escape’ is not part of the rules of the game, the Cellmate has two emergency escape possibilities,” said Jake Guo, chief executive of Qiui.

As well as contacting the company’s hotline or social media team to trigger an override, it suggested wearers could also “break open the Cellmate cap” using a screwdriver.

To reveal

Cellmate: Male chastity gadget hack could lock users in

Image copyright

Pen Test Partners

Image caption

The Cellmate has been sold via several big-name online retailers as well as niche stores

A security flaw in a hi-tech chastity belt for men made it possible for hackers to remotely lock all the devices in use simultaneously.

The internet-linked sheath has no manual override, so owners might have been faced with the prospect of having to use a grinder or bolt cutter to free themselves from its metal clamp.

The sex toy’s app has been fixed by its Chinese developer after a team of UK security professionals flagged the bug.

They have also published a workaround.

This could be useful to anyone still using the old version of the app who finds themselves locked in as a result of an attacker making use of the revelation.

Any other attempt to cut through the device’s plastic body poses a risk of harm.

Image copyright

Pen Test Partners

Image caption

The workaround involves prising open the circuit board and pressing batteries against two of the wires to trigger a motor

Pen Test Partners (PTP) – the Buckingham-based cyber-security firm involved – has a reputation for bringing quirky discoveries to light, including problems with other sex toys in the past.

It says the latest discovery indicates that the makers of “smart” adult-themed products still have lessons to learn.

“The problem is that manufacturers of these other toys sometimes rush their products to market,” commented Alex Lomas, a researcher at the firm.

“Most times the problem is a disclosure of sensitive personal data, but in this case, you can get physically locked in.”

Lock and clamp

Qiui’s Cellmate Chastity Cage is sold online for about $190 (¬£145) and is marketed as a way for owners to give a partner control over access to their body.

‘Smart’ male chastity device vulnerable to locking by hackers: researchers

A security flaw in an internet-connected male chastity device could allow hackers to remotely lock it — leaving users trapped, researchers have warned.

The Cellmate, produced by Chinese firm Qiui, is a cover that clamps on the base of the male genitals with a hardened steel ring, and does not have a physical key or manual override.

The locking mechanism is controlled with a smartphone app via Bluetooth — marketed as both an anti-cheating and a submission sex play device — but security researchers have found multiple flaws that leave it vulnerable to hacking.

“We discovered that remote attackers could prevent the Bluetooth lock from being opened,¬†permanently locking the user in the device. There is no physical unlock,” British security firm Pen Test Partners said Tuesday.

“An angle grinder or other suitable heavy tool would be required to cut the wearer free.”

The firm also found other security flaws in the Cellmate — listed for $189 on Qiui’s website — that could expose sensitive user information such as names, phone numbers, birthdays and location data.

“It wouldn’t take an attacker more than a couple of days to exfiltrate the entire user database and use it for blackmail or phishing,” PTP’s Alex Lomas wrote in their report on the device.

“A number of countries have oppressive laws that may expose users of these types of devices to unwarranted interest from law enforcement and bigots.”

Qiui did not immediately respond to AFP’s request for comment.

PTP said it reached out to Qiui in April this year, identifying the flaws.

Qiui fixed most of the issues by updating the software, but left the older version active and its users still vulnerable, PTP added, saying other researchers had found similar issues.

Such smart sex toys and devices are among the wave of new

Male chastity gadget hack could lock users in

A security flaw in a hi-tech chastity belt for men made it possible for hackers to remotely lock all the devices in use simultaneously.

The internet-linked sheath has no manual override, so owners might have been faced with the prospect of having to use a grinder or bolt cutter to free themselves from its metal clamp.

The sex toy’s app has been fixed by its Chinese developer after a team of UK security professionals flagged the bug.

They have also published a workaround.

This could be useful to anyone still using the old version of the app who finds themselves locked in as a result of an attacker making use of the revelation.

Any other attempt to cut through the device’s plastic body poses a risk of harm.

Pen Test Partners (PTP) – the Buckingham-based cyber-security firm involved – has a reputation for bringing quirky discoveries to light, including problems with other sex toys in the past.

It says the latest discovery indicates that the makers of “smart” adult-themed products still have lessons to learn.

“The problem is that manufacturers of these other toys sometimes rush their products to market,” commented Alex Lomas, a researcher at the firm.

“Most times the problem is a disclosure of sensitive personal data, but in this case, you can get physically locked in.”

Lock and clamp

Qiui’s Cellmate Chastity Cage is sold online for about $190 (¬£145) and is marketed as a way for owners to give a partner control over access to their body.

Pen Test Partners believe about 40,000 devices have been sold based on the number of IDs that have been granted by its Guangdong-based creator.

The cage wirelessly connects to a smartphone via a Bluetooth signal, which is used to trigger the device’s lock-and-clamp mechanism.

But to achieve this, the