Study: ESET Research into Security of Smart Sex Toys

Vulnerabilities in smart sex toys could leave users at risk of data breaches and attacks, both cyber and physical, according to a new white paper from global cybersecurity experts at ESET.

The We-Vibe Jive (left) and Lovense Max (right) analysed in the study.

The We-Vibe Jive (left) and Lovense Max (right) analysed in the study.

The “Sex in the Digital Era – How secure are smart sex toys?” report explores the potential security and safety flaws of connected sex toys and includes an in-depth analysis of two popular devices.

Amidst ongoing social restrictions due to the pandemic, sales of sex toys has risen rapidly, and associated cybersecurity concerns mustn’t be overlooked.

As newer, technologically advanced models of sex toys enter the marketplace, incorporating mobile apps, messaging, video chat, and web-based interconnectivity, devices become more appealing and exploitable to cybercriminals.

The consequences of data breaches in this sphere can be particularly disastrous when the information leaked concerns sexual orientation, sexual behaviors, and intimate photos.

ESET researchers found vulnerabilities in the apps controlling both of the smart sex toys investigated.

These vulnerabilities could allow for malware to be installed on the connected phone, firmware to be changed in the toys, or even a device being deliberately modified to cause physical harm to the user.

Analysts downloaded the vendor apps available on the Google Play Store for controlling the devices (We-Connect and Lovense Remote) and used vulnerability analysis frameworks as well as direct analysis techniques to identify flaws in their implementations.

Tags: , , , , , , , ,

Leave a Reply