Hacker kidnaps chastity belt and asks for Bitcoin ransom

A connected chastity belt called CellMate, which has known security holes, allows hackers to “hijack” users’ penises. According to reports obtained by Motherboard, at least two people had the product locked away by cybercriminals and received a ransom demand in Bitcoin, but ended up escaping the scam.

According to the website, users received a message from cybercriminals saying “your penis is mine now”. Hackers asked for a payment of 0.02 bitcoin to release the device, which is approximately R$4,000.

The CellMate owners who talked to the Motherboard reported that they were not wearing the attached chastity belt at the time the hackers took control of the device. In other words, attempts to kidnap the genitals and ask for a ransom have failed in known cases.

Unresolved failures

The CellMate is a connected chastity belt produced by Chinese company Qiui. The product works with an application-controlled lock, which has serious security holes in its code.

Experts discovered in October of last year that the CellMate application API has several security vulnerabilities. In addition to allowing hackers to take control of the mechanism for trapping the penis, Qiui’s technology does not protect data such as users’ location and password.

Qiui has been aware of the problems with its device since the middle of last year. However, as reports of attacks attest, the company has not yet fixed the security flaws of the peculiar connected device.