Flipper Zero continues to phish the infosec community

Flipper Zero is the latest phishing scheme that exploits security community members’ increasing interest in stealing their personal data and crypto.

Flipper Zero, a multifunctional portable cybersecurity tool that can be used by hackers and pen testers is available. Researchers can use the tool to experiment with various hardware, including RFID emulation and digital access key cloning.

After a hugely successful 2020 which raised $4,882,784 and exceeded the goal of $60,000, the developers released the device.

Security researchers have been showing Flipper Zero’s endlessly funny and frightening capabilities on social media since then. This has helped to generate a lot of hype about the device and raised the curiosity of researchers and hackers.

The product’s performance was affected by supply issues that caused shortages, making it difficult to keep up with the ever-growing demand.

In September 2022, placed the project in danger. They held $1.3 million that were to be used for new orders.

Cybersecurity researchers are being targeted

Flipper Zero’s popularity and inaccessibility are being exploited by threat actors who create fake shops to try to market it.

Security analyst discovered these phishing schemes and spotted three fake Twitter accounts as well as two Flipper Zero shops.

One of the fake Twitter accounts looks very similar to the Flipper Zero official account. It actually uses a capital I in its name. This looks exactly like a Twitter “l”.

Fake Twitter account (left) real Twitter account (right)

Source: BleepingComputer

To make the fake Twitter account look legit, it is responding actively to questions about availability as well as tweets from other accounts.

One of these fake shops still exists online at the time this article was written. They claim to be selling Flipper Zero, Wi-Fi modules, and cases for the exact same price as the real shop.

Fake Flipper Zero shop

Source: BleepingComputer

This page is designed to redirect buyers to a phishing website, which will ask them to fill out their full names and email addresses.

Phishing step on the order page

Source: BleepingComputer

After that, victims can choose to make payment using Bitcoin or Ethereum cryptocurrency. They are informed that they will receive their order within 15 minutes.

Choosing a payment method

Source: BleepingComputer

The wallet addresses listed haven’t received payments so the shop either hasn’t been able to fool security investigators or simply used different wallets for each transaction.

To accept cryptocurrency payments, the threat actors now use invoices. do not work and state that the order is expired.

Cybercriminals will to portray Flipper Zero by creating fake shops in order to fool security experts into giving their crypto.

It is important to keep an eye out for promotions or shops that claim immediate availability of products and to only shop at the store.