Hackers gained remote control over the chastity belts devices using ransomware

The source code for the ChasityLock ransomware has become publicly available for research purposes after the attack that targeted male users of a specific adult toy - Qiui Cellmate chastity device. The vulnerability in Qiui Cellmate device allowed hackers to gain control over the device, since making a request to any API endpoint didn't require authentication, and using the six-digit "friend code" would grant the attackers a lot of personal information about the user, including the location and phone number. An attacker then began targeting Qiui Cellmate mobile app users and forced them to pay 0.02 bitcoins to get the control back. Read more...