Inside the Underground Trade in Flipper Zero Car Attacks ⇥ 404media.co

Joseph Cox, 404 Media:

A man holds an orange and white device in his hand, about the size of his palm, with an antenna sticking out. He enters some commands with the built-in buttons, then walks over to a nearby car. At first, its doors are locked, and the man tugs on one of them unsuccessfully. He then pushes a button on the gadget in his hand, and the door now unlocks.

The tech used here is the popular Flipper Zero, an ethical hacker’s swiss army knife, capable of all sorts of things such as WiFi attacks or emulating NFC tags. Now, 404 Media has found an underground trade where much shadier hackers sell extra software and patches for the Flipper Zero to unlock all manner of cars, including models popular in the U.S. The hackers say the tool can be used against Ford, Audi, Volkswagen, Subaru, Hyundai, Kia, and several other brands, including sometimes dozens of specific vehicle models, with no easy fix from car manufacturers.

The Canadian government made headlines last year when it banned the Flipper Zero, only to roll it back in favour of a narrowed approach a month later. That was probably the right call. However, too many — including Hackaday and Flipper itself — were too confident in saying the device was not able to, or could not, be used to steal cars. This is demonstrably untrue.