Manufacturer of 'smart chastity belt' turns out to be disclosing passwords and location information



It has been revealed that there were some glitches in the server of a device that smartly manages chastity, and users' email addresses, plaintext passwords, location information, etc. were exposed.

Maker of 'smart' chastity cage left users' emails, passwords, and locations exposed | TechCrunch

https://techcrunch.com/2023/09/02/smart-chastity-cage-emails-passwords-location/



According to security researchers contacted by tech media outlet TechCrunch, a maker of chastity devices that transfer control of the penis to a partner via the internet has been unable to access users' email addresses, passwords, addresses, IP addresses, GPS, etc. due to a server flaw. It is said that the coordinates and PayPal payment log have been made public.

The researcher claims to have had access to the records of more than 10,000 people, and contacted the manufacturer on June 17, 2023, asking for the vulnerability to be fixed and user data to be protected. However, after getting no response from the manufacturer, the researchers hacked the company's homepage and posted the following message: ``This site has been disabled by a well-intentioned third party. We are making it possible to retrieve information, including plaintext passwords and addresses. You're welcome!'' The message was displayed.



However, the manufacturer did not take any action and simply deleted the message and restored the website. The researcher said, ``The company hasn't fixed the vulnerability yet. All the information is too easily exploited. It's irresponsible. My best hope is that the manufacturer fixes everything.'' It's all you can do for me.'

TechCrunch is not publishing the company name because the vulnerability has not been fixed. TechCrunch has contacted the company's provider and asked them to issue a warning through the provider, but it seems that we have not heard back from the manufacturer yet.



The penis-specific chastity belt sold by the company is said to allow you to manage your partner's chastity anywhere in the world by operating an Android app.

This is not the first time that hackers have exploited vulnerabilities in chastity belts, and in 2021 there have also been incidents in which hackers locked chastity belts that were already installed. At this time, the hacker sent a message to the victim saying ``Your penis is mine'' and demanded a ransom.

A smart chastity belt that can lock male genitals via Bluetooth becomes prey to hackers and a ransom is demanded - GIGAZINE



in Hardware,   Security, Posted by log1p_kr