Luxury Japanese toilet controlled by smartphone could be hacked into and blast users

Security experts have warned the high-tech loo, which can play music and release fragrances, is vulnerable to cyber practical joker

A luxury toilet that is controlled by a smartphone could give users a fright because it is vulnerable to attack by hackers.

Blasts of warm air or squirts of water could unexpectedly surprise people as they go about their business , experts have warned.

Manufactured by Japanese firm Lixil, the Satis toilet connects to Android app, My Satis, via bluetooth and allows users to flush, play music and release fragrances.

However a report by information security experts, Spiderlabs, say a hardware flaw could allow any phone within range to control the £3,800 loo.

The pin code for every model was hardwired to 0000, making the luxury lavatory a security hazard.

The report says: “An attacker could simply download the My Satis application and use it to cause the toilet to repeatedly flush, raising the water usage and therefore utility cost to its owner.

“Attackers could [also] cause the unit to unexpectedly open/close the lid, activate bidet or air-dry functions, causing discomfort or distress to [the] user.”

The limited range of bluetooth means that anyone wishing to carry out such an attack would need to be fairly close to the toilet itself.

Security expert Graham Cluley said: “It’s easy to see how a practical joker might be able to trick his neighbours into thinking his toilet is possessed as it squirts water and blows warm air unexpectedly on their intended victim, but it’s hard to imagine how serious hardened cybercriminals would be interested in this security hole.

“Although this vulnerability seems largely harmless, what’s clear is that companies building household appliances need to have security in mind just as much as computer manufacturers.”