Hackers could deny happy endings as Flipper Zero takes the hype out of adult toys
Flipper Zero’s growing ability to cause mischief and mayhem continues to be discovered, with researchers discovering that the cute little device can be used to take control of vibrating sex toys.
Following news that Flipper Zero could spam Apple devices with messages using Bluetooth Low Energy (BLE) transmissions, researchers Luca Bongiorni and Matteo Mandolini conducted an experiment to see if the device could control adult toys.
The experiment focused on adult toys controlled by the widely used Love Spouse app, which has more than half a million downloads on Google Play. With video evidence to prove it, the couple were able to use Flipper Zero to turn them on and “make the sex toys go crazy,” or turn them off in what they called a “pleasure denial attack.”
The Love Spouse app works by sending packets to the sex toys to turn them on and off, sending a start packet for each of the different vibration modes and then a stop packet to turn the device off again.
As with all Bluetooth and TCP/IP communications, packets are sent by a broadcaster and received by an observer.
App users must log in to send these packages from their devices. To fix this, the researchers used an app called nRF Connect, which allowed them to intercept broadcast packets.
Once this was done, the researchers were able to develop an application in Flipper Zero to replicate those packages.
The Flipper Zero was first launched from a Kickstarter campaign, which raised almost $5 million, surpassing its goal of $60,000.
Users of the device quickly discovered that it could be used as a tool for penetration testing, pranks and experimentation, as well as more serious crimes.
Flipper Zero’s ability to replicate infrared (IR) remote controls allows it to control devices such as televisions and sound systems, but could also allow the user to open a garage door. It can also take electromagnetic signals from car key fobs and record them. However, it has been reported that playing them often has little effect due to car safety systems.
According to Compass IT Compliance, the device can even be used to “bypass some Sentry Safe electronic safes.”