‘Denial of pleasure’ attack: Flipper Zero targets adult toys

Researchers find that Flipper Zero can connect to and control adult toys remotely, making them vibrate or stop working via a Bluetooth Low-Energy (BLE) broadcast.

Infosec specialists Matteo Mandolini and Luca Bongiornis performed an experiment where they used Flipper Zero firmware to target adult toys managed by the Love Spouse application. The app, with more than half a million downloads on the Google Play Store, allows users to select the device and start or stop it via a Bluetooth Low-Energy (BLE) broadcast.

The researchers used the Android and iOS application nRF Connect, which allowed them to intercept the broadcast packets. The Love Spouse application uses two kinds of packets: a start packet for each vibration command and a single stop packet.

Using this information, the researchers developed an app for the Flipper Zero device that replicates the behavior of the Love Spouse app to start the devices. By abusing the stop command, what the researchers called a ‘Denial of Pleasure’ attack could be conducted.

Introduced initially as a Kickstarter campaign in 2022, the Flipper Zero device is capable of assessing and compromising a broad spectrum of radio and wireless signals and is used in a variety of penetration testing exercises.

While the device can assess or manipulate wireless network traffic from a distance, it excels at nearby interactions such as script execution via USB, credential theft, and brute-forcing a variety of other devices such as safes, badge access readers, or even garage door openers.

Cybernews previously reported that another app used for controlling sex toys, Lovense, was putting its users at risk. The Cybernews research team found multiple cybersecurity flaws, including a high number of public exploits surrounding the Bluetooth protocol, which exposed users to denial of service (DoS).