The uniquely and horribly named Svakom Siime Eye is an Internet of Things sex toy with a wireless camera that allows you to stream video from inside your orifices as they are penetrated by it. Researchers from Pen Test Partners in UK have found that once connected via wifi network (default password “88888888”) you can root and control it from anywhere in the world.
Pen Test Partners repeatedly warned Svakom of the vulnerability over a three month period. Having received no response to date, they have become public.
Beau du Jour discovered that the Siime Eye creates a Wi-Fi Internet access point with the default password “88888888”. That way, anyone within range can log into it by guessing the simple password, as he explained in a blog post posted on Monday. Looking at the code for the mobile app that came with the dildo, the researcher also found that once on the dildo’s Wi-Fi, you can access its web server. This has a login portal, but the user is “admin” and the password is blank.
By reverse engineering the firmware, Beau du Jour found a way to take root – hackers talk about taking full control of it – and gain persistence on the device, which means it could s ‘Connect to it even outside of Wi-Fi range. At this point, the game was over for the smart camera dildo.
Vulnerable Wi-Fi Dildo Camera Endoscope. Yes really
[Pen Test Partners]
Hackers can easily hijack this dildo camera and live stream inside your vagina (or buttocks)