A man holds an orange and white device in his hand, about the size of his palm, with an antenna sticking out. He enters some commands with the built-in buttons, then walks over to a nearby car. At first, its doors are locked, and the man tugs on one of them unsuccessfully. He then pushes a button on the gadget in his hand, and the door now unlocks.
The tech used here is the popular Flipper Zero, an ethical hacker’s swiss army knife, capable of all sorts of things such as WiFi attacks or emulating NFC tags. Now, 404 Media has found an underground trade where much shadier hackers sell extra software and patches for the Flipper Zero to unlock all manner of cars, including models popular in the U.S. The hackers say the tool can be used against Ford, Audi, Volkswagen, Subaru, Hyundai, Kia, and several other brands, including sometimes dozens of specific vehicle models, with no easy fix from car manufacturers.
These tools are primarily sold for a fee, keeping their distribution somewhat limited to those willing to pay. But, there is the looming threat that this software may soon reach a wider audience of thieves. Straight Arrow News (SAN) previously covered the same tech in July, and the outlet said it successfully tested the tool on a vehicle. Now people are cracking the software, meaning it can be used for free. Discord servers with hundreds of members are seeing more people join, with current members trolling the newbies with fake patches and download links. If the tech gets out, it threatens to supercharge car thefts across the country, especially those part of the social media phenomenon known as Kia Boys in which young men, often in Milwaukee, steal and joyride Kia and Hyundai cars specifically because of the vehicles’ notoriously poor security. Apply that brazeness to all of the other car models the Flipper Zero patches can target, and members of the car hacking community expect thieves to start using the easy to source gadget.