Inside the Underground Trade of ‘Flipper Zero’ Tech to Break into Cars
Technology
110
Beiträge
59
Kommentatoren
41
Aufrufe
-
The tech used here is the popular Flipper Zero, an ethical hacker’s swiss army knife, capable of all sorts of things such as WiFi attacks or emulating NFC tags. Now, 404 Media has found an underground trade where much shadier hackers sell extra software and patches for the Flipper Zero to unlock all manner of cars, including models popular in the U.S. The hackers say the tool can be used against Ford, Audi, Volkswagen, Subaru, Hyundai, Kia, and several other brands, including sometimes dozens of specific vehicle models, with no easy fix from car manufacturers.
Yes let me stalk someone to steal their car temporarily. Honestly this thing is kinda a toy on par with my rooted LG V20 with its IR blaster and USB C port that I can plug anything into or my HP stream with a software defined radio I played around with. These people are kinda making software for the wrong type of devices to be frank with ya and I cannot wait until someone makes some weird app and USB C dongle for an android phone to replace the Flipper Zero with. You don't even need to have root access for this as apps can just take over the USB port anyway on your phone.
-
Really? I see these fairly often on local fb marketplace. I was tempted out of curiosity to get one but I dont have a use outside of mucking about.
outside of mucking about.
The best use case of all.
-
If you're using Crowley to support what's legitimate, you're gonna have problems.
that’s the only thing i use from him…
-
That's probably debatable, if they have permission. They probably shouldn't have been given permission, but that's a separate issue
I usually do it when we take over a customer's access control system and we have half their doors on the new system and half in the old still and are migrating them over. I'm an electronic security tech, this is what I do for a living.
-
there must be some challenge-response type NFC systems on the market
There are. Hotels use them for door key cards so they can't be cloned.
Unfortunately.. I was trying to clone a room key to my phone so I could just tap to enter when I stay 10 weeks in the same room.
-
I like to hijack the robot vacuum when I go to DnD and ring my parents doorbell when I visit.
I tried deciphering this sentence with Dungeons'n'Dragons and Do Not Disturb and neither makes sense
-
I tried deciphering this sentence with Dungeons'n'Dragons and Do Not Disturb and neither makes sense
The physical IRL location where I show up to play Dungeons n Dragons, and not in game. DM's got a robot vacuum.
-
To be clear, the flipper is just a Girl Tech IM-me with an NFC chip. If it lets people do a thing, that thing has been possible for decades. Just wait until someone makes a popular device based on a cheap fully featured wideband SDR like the AD9363 or LMS7002. Shit is gonna get fucking wild.
Lol yeah a very cheap rtlsdr with a chip for transmission can do the same as a flipper. Flipper just makes it easy.
-
The tech used here is the popular Flipper Zero, an ethical hacker’s swiss army knife, capable of all sorts of things such as WiFi attacks or emulating NFC tags. Now, 404 Media has found an underground trade where much shadier hackers sell extra software and patches for the Flipper Zero to unlock all manner of cars, including models popular in the U.S. The hackers say the tool can be used against Ford, Audi, Volkswagen, Subaru, Hyundai, Kia, and several other brands, including sometimes dozens of specific vehicle models, with no easy fix from car manufacturers.
It is true that this device can be used nefariously. But it's just a computer with a wide variety of very basic and common communication methods along with software to exploit them. There are many other computers like it that are just less popular. And to ban it is to ban said basic communication hardware like radio, WiFi, NFC, etc.
The solution is to mandate companies to provide a minimum level of security. Even giant companies with good reputations have giant security holes, like Apple or your bank, implementing mandatory SMS as 2FA. That shit should be illegal.
-
I like to hijack the robot vacuum when I go to DnD and ring my parents doorbell when I visit.
I'm fond of skipping Kid Rock songs on the local dive bar's touchtunes.
-
Really? I see these fairly often on local fb marketplace. I was tempted out of curiosity to get one but I dont have a use outside of mucking about.
They don't really have many legitimate, practical uses for most people. They're ideal for pentesters.
-
I'm fond of skipping Kid Rock songs on the local dive bar's touchtunes.
I would let all the power go to my head with that one. Not that I go outside, let alone to bars.
-
The tech used here is the popular Flipper Zero, an ethical hacker’s swiss army knife, capable of all sorts of things such as WiFi attacks or emulating NFC tags. Now, 404 Media has found an underground trade where much shadier hackers sell extra software and patches for the Flipper Zero to unlock all manner of cars, including models popular in the U.S. The hackers say the tool can be used against Ford, Audi, Volkswagen, Subaru, Hyundai, Kia, and several other brands, including sometimes dozens of specific vehicle models, with no easy fix from car manufacturers.
I kinda want to see if this would work on my car since the proximity detection of the keyfob only works about half the time anyway.
-
I would let all the power go to my head with that one. Not that I go outside, let alone to bars.
Sometimes you gotta do what you gotta do, unless you want to hear Kid Rock butcher Sweet Home Alabama (which itself butchered Werewolves of London, and was only still good because you can hear Van Zandt drop his donuts, goddamn, in the back of the track) for the fourth time tonight.
-
The tech used here is the popular Flipper Zero, an ethical hacker’s swiss army knife, capable of all sorts of things such as WiFi attacks or emulating NFC tags. Now, 404 Media has found an underground trade where much shadier hackers sell extra software and patches for the Flipper Zero to unlock all manner of cars, including models popular in the U.S. The hackers say the tool can be used against Ford, Audi, Volkswagen, Subaru, Hyundai, Kia, and several other brands, including sometimes dozens of specific vehicle models, with no easy fix from car manufacturers.
Thought cars were bad, not sure many people have an understanding of how our emergency broadcasts and alerts work. US needs some huge infrastructure updates.
-
Thought cars were bad, not sure many people have an understanding of how our emergency broadcasts and alerts work. US needs some huge infrastructure updates.
Can you be more specific? It’s not like you’re the first person to think about the nefarious uses of emergency alerts.
-
It is true that this device can be used nefariously. But it's just a computer with a wide variety of very basic and common communication methods along with software to exploit them. There are many other computers like it that are just less popular. And to ban it is to ban said basic communication hardware like radio, WiFi, NFC, etc.
The solution is to mandate companies to provide a minimum level of security. Even giant companies with good reputations have giant security holes, like Apple or your bank, implementing mandatory SMS as 2FA. That shit should be illegal.
The people who write the laws specifically like that exploit.
-
To be clear, the flipper is just a Girl Tech IM-me with an NFC chip. If it lets people do a thing, that thing has been possible for decades. Just wait until someone makes a popular device based on a cheap fully featured wideband SDR like the AD9363 or LMS7002. Shit is gonna get fucking wild.
It’s like how people think the Raspberry Pi is the only single board computer.
-
It is true that this device can be used nefariously. But it's just a computer with a wide variety of very basic and common communication methods along with software to exploit them. There are many other computers like it that are just less popular. And to ban it is to ban said basic communication hardware like radio, WiFi, NFC, etc.
The solution is to mandate companies to provide a minimum level of security. Even giant companies with good reputations have giant security holes, like Apple or your bank, implementing mandatory SMS as 2FA. That shit should be illegal.
Oh, you sound so optimistic, my bank has a mandatory 4 digit code as login with 2fa sms for new devices. I sometimes consider going to shoot the cto there but I don't own a gun.
-
I kinda want to see if this would work on my car since the proximity detection of the keyfob only works about half the time anyway.
Securtiy by dysfunction!
