Today, researchers have exposed common weaknesses lurking in the latest smart sex toys that can be exploited by attackers. As more as more adult toy brands enter the market, given that the COVID-19 situation has led to a rapid increase in sex toy sales, researchers believe a discussion around the security of these devices is vital. In examples provided by the researchers, technologies like Bluetooth and inadequately secured remote APIs make these IoT personal devices vulnerable to attacks that go beyond just compromising user privacy. ESET security researchers Denise Giusto Bilić and Cecilia Pastorino have shed light on some weaknesses lurking in smart sex toys, including the newer models. The main concern highlighted by the researchers is, that newer wearables like smart sex toys are equipped with many features such as online conferencing, messaging, internet access, and Bluetooth connectively. This increased connectivity also opens doors to these devices being taken over and abused by attackers. The researchers explain most of these smart devices feature two channels of connectivity. Firstly, the connectivity between a smartphone user and the device itself is established over Bluetooth Low Energy (BLE), with the user running the smart toy's app. Secondly, the communication between a remotely located sexual partner and the app controlling the device is established over the internet. To bridge the gap between one's distant lover and the sex toy user, smart sex toys, like any other IoT device, use servers with API endpoints handling the requests. "In some cases, this cloud service also acts as an intermediary between partners using features like chat, videoconferencing and file transfers, or even giving remote control of their devices to a partner," explained Bilić and Pastorino in a report. But, the researchers state that the information processed by sex toys consists of highly sensitive data such as names, sexual orientation, gender, a list of sexual partners, private photos and videos, among other pieces, which, if leaked can adversely compromise a user's privacy. This is especially true if sextortion scammers get creative after getting their hands on such private information. More importantly, though, the researchers express concern over these IoT devices being compromised and weaponized by the attackers for malicious actions, or to physically harm the user. This can, for example, happen if the sex toy gets overheated. "And finally, what are the consequences of someone being able to take control of a sexual device without consent, while it is being used, and send different commands to the device?" "Is an attack on a sexual device sexual abuse and could it even lead to a sexual assault charge?" Bilić and Pastorino further stress. To demonstrate the seriousness of these weaknesses, the researchers conducted proof-of-concept exploits on the Max by Lovense and We-Vibe Jive smart sex toys. Both of these devices were found to use the least secure "Just Works" method of Bluetooth pairing. Using the BtleJuice framework, and two BLE dongles, the researchers were able to demonstrate how a Man-in-the-Middle (MitM) attacker could take control of the devices and capture the packets. The attacker can then re-broadcast these packets after tampering with them to change settings like vibration mode, intensity, and even inject their other commands. Likewise, the API endpoints used to connect a remote lover (sexual partner) to the user make use of a token which wasn't awfully hard to brute-force. Want more visit OUR FORUM.