Ever imagined a small online device capable of hacking into power grid control systems? Well, cybercriminals are already exploiting the power of the ‘Flipper Zero,’ a device priced at $168, to gain unauthorized access to various systems, including garage doors, gas station price meters, hotel rooms, and property gates.
However, the implications go beyond these relatively harmless breaches. Shockingly, the same device has also been employed to launch cyber-attacks on critical infrastructure, such as power substations responsible for energy distribution. Reports suggest that radical organizations are leveraging the Flipper Zero to digitally assault power stations, posing serious risks to public safety and national security.
So, what exactly is the Flipper Zero?
It’s a remote device designed to circumvent Digital Rights Management (DRM) systems that safeguard intellectual properties. Its capabilities have evolved significantly since its initial development in December of the previous year, making it a powerful tool for debugging, fuzzing, exploring hardware, and tinkering with firmware.
Certain hacking organizations have now discovered new ways to exploit Flipper Zero’s potential. They are using the device to manipulate Near Field Communication (NFC), Radio-Frequency Identification (RFID), and sub-GHz wireless networks, which includes payment machines. This enables them to carry out fraudulent activities like brute force attacks on Unified Connectivity Fabric systems, which connect smart grids, vehicles, water meters, and appliances, allowing unauthorized access and manipulation of commands.
The situation has drawn attention from law enforcement agencies, with the New York City Police Department (NYPD) and the FBI exchanging internal documents regarding the device’s misuse. Reports indicate that some Telegram accounts have been closely monitored due to suspicious mentions of Flipper Zero-related fraudulent activity.
Alarming videos have surfaced on platforms like Daily Motion, displaying criminals manipulating price meters at fuel stations and obtaining gasoline at heavily discounted rates. This poses a significant threat not only to the economic stability of businesses but also to the safety of consumers.
While Pavel Zhovner, the CEO of Flipper Zero, acknowledges that the device exhibits certain vulnerabilities that could lead to misuse, he emphasizes that gaining unauthorized access to an energy grid is not a simple task. Nevertheless, due to its potential for abuse, the device has been declared illegal in several countries, including the UK and India. Despite this, online sales of the Flipper Zero have been exponentially increasing on a monthly basis, raising concerns among cybersecurity experts and authorities alike.