Malicious software such as viruses can not only reach your own computer via the Internet, but also via connected devices. There was an unexpected example of this recently on Reddit. In a now-deleted post, a user reported that when a Sexology Pussy Power 8-function vibrator was loaded, the installed antivirus software from Malwarebytes became active.
Data theft through sex toys
According to a later Malwarebytes blog post, the chip in the vibrator attempted to distract the user with an XML bomb and then install the Lumma malware. This first appeared in Russia in August 2022 and is apparently being offered for sale by criminals in order to smuggle it into systems independently – as is the case here. There she can then steal information such as login details.
It is still unclear how the virus got onto the vibrator. Allegedly, the affected customer purchased the model directly from the model's sole supplier – Spencer's. The latter has now acknowledged the problem, but has not yet published any further details about the incident. It cannot therefore be ruled out that other vibrators are affected. The malware may have been placed on a large scale by the original producer before the products were delivered to the resellers.
Suitable for: Retro shooter Ultrakill gets new feature, now supports sex toys
In any case, Malwarebytes recommends charging devices using a power adapter or only connecting them to the computer via a USB data blocker – also appropriately called a USB condom. These adapters have the data lines of the USB port broken, allowing the device to charge without communication being possible. However, a (wireless) data connection is necessary for firmware updates or live control, as is sometimes offered with vibrators. In this case, only a system with the latest security level or, of course, a product that – as you would expect – does not contain any malware will help.
Quelle: Malwarebytes via Tom’s Hardware