Couples Beware – Could Your Sex Toys Be Spying On You?

Amorous individuals keen to prepare for the cinematic release of the 50 Shades Of Grey or next week’s Valentines Day may be better off cooling their loins for a spell after new security research worryingly uncovered that sex toys can be hacked.

Experts from Pen Test Partners have revealed how certain brands of bedroom products, including many already on the market, can be easily hacked, allowing people to intercept communications and take control of them.

They also warned that one of the toys even captured video, which could easily be accessed.

Is nothing sacred?

Pen Test decided to investigate a range of products from Lovesense, which is well-known for combining technology including videoconferencing in its toys.

“Apparently ‘cyberdildonics’ are set to be the next big thing in sex toys, allowing you to share ‘sensations’ across the internet, and there is no shortage of products from various manufacturers, and even a social media site where you can get some random who you’ll probably never meet to ‘drive’ your sex toy for you,” the company’s Joe Bursell told Forbes.

However the security of registration process offered to users to register their products was full of holes for hackers to exploit, the company found.

“If an attacker could intercept the devices communications they could portray their victim as a monumentally inept in the stimulation department, which would be hilarious and tragic in equal measure,” Bursell continued.

“There was no apparent encryption during the registration process, meaning anyone snooping on the line could get hold of login information,” his colleague Ken Munro added.

Easy access

Pen Test were also concerned at the security certification of the company’s home portal, where users could download different software and specialised programmes to their device.

“It will clearly be trivial to compromise a user’s account and access some quite juicy content, particularly so if the victim is a ‘friend’ in a shared household using the same wireless access point,” said Munro.

The vulnerabilites are the latest worry to those people looking for love online. Last month, a study by cybersecurity firm Synack discovered that dating apps, including Tinder and Grindr, can easily be hacked to reveal users’ exact location.

The researchers explained how they managed to track app users’ movement throughout the day by spoofing requests to the servers behind those apps. An app could transmit user location to its servers insecurely if they data was sent in plaintext or if was not encrypted properly.

The team demonstrated how it was able to abuse the flaw to compile one-time snapshots of 15,000 Grindr users in the San Francisco Bay area, as well as users of the app at the Sochi Olympics.

How much do you know about hacking? Take our quiz!

Steve McCaskill

Steve McCaskill is editor of TechWeekEurope and ChannelBiz. He joined as a reporter in 2011 and covers all areas of IT, with a particular interest in telecommunications, mobile and networking, along with sports technology.

Recent Posts

SoftBank Promises To Invest $100bn In US

Japanese tech investment firm SoftBank promises to invest $100bn during Trump's second term to create…

18 hours ago

Synopsys, SiMa.ai To Collaborate On AI Car Chips

Synopsys to work with start-up SiMa.ai on joint offering to help accelerate development of AI…

18 hours ago

AI Start-Up Basis Raises $34m For Accountancy Agent

Start-up Basis raises $34m in Series A funding round for AI-powered accountancy agent to make…

19 hours ago

Databricks Raises $10bn In Huge AI Funding Round

Data analytics and AI start-up Databricks completes huge $10bn round from major venture capitalists as…

19 hours ago

Congo Files Complaints Against Apple Over Conflict Minerals

Congo files legal complaints against Apple in France, Belgium alleging company 'complicit' in laundering conflict…

20 hours ago