A hacker has reportedly taken control of people’s internet-connected chastity cages and demanded a ransom to be paid in Bitcoin to unlock it.
“Your cock is mine now,” the hacker told one of the victims, according to a screenshot of the conversation obtained by a security researcher that goes by the name Smelly.
“In October of last year, security researchers found that the manufacturer of an Internet of Things chastity cage—a sex toy that users put around their penis to prevent erections that is used in the BDSM community and can be unlocked remotely—had left an API exposed, giving malicious hackers a chance to take control of the devices,” Motherboard reported this week. “That’s exactly what happened, according to a security researcher who obtained screenshots of conversations between the hacker and several victims, and according to victims interviewed by Motherboard.”
One victim, who asked to be identified only as Robert, said that he received a message from a hacker demanding a payment of 0.02 Bitcoin (around $750 today) to unlock the device.
He realized his cage was definitely “locked,” and he “could not gain access to it.”
“Fortunately I didn’t have this locked on myself while this happened,” Robert said in an online chat.
“I wasn’t the owner of the cage anymore so I didn’t have full control over the cage at any given moment,” another victim who goes by the name RJ told Motherboard in an online chat. RJ said he got a message from the hacker, who said they had control of the cage and wanted a payment to unlock it.
Qiui, the China-based manufacturer of the device, which is named Cellmate, did not respond to a request for comment. A US distributor said in an email to Motherboard that the flaw that allowed the hacker to lock the victims’ cages was fixed in the latest version of the app.
It’s unclear how many people were targeted in the attack.