A new phishing campaign is taking advantage of the growing interest among security professionals on Flipper Zero to steal their personal information and cryptocurrencies. A portable, multi-purpose cybersecurity gadget, Flipper Zero, is designed for pen testers and hacking enthusiasts. The tool’s support for RFID emulation, digital access key cloning, radio communications, NFC, infrared, Bluetooth, and other technologies makes it possible for researchers to experiment with multiple devices.
The gadget was released by the creators following a hugely successful 2020 Kickstarter campaign that raised $4,882,784 more than its initial $60,000 goal. Since then, Flipper Zero has attracted the attention of wannabe hackers and researchers due to security researchers’ social media demonstrations of its endlessly entertaining and occasionally terrifying capabilities.
But in the previous year, production problems prevented enough goods from being available to satisfy the still-increasing demand. When PayPal, a digital payment provider, withheld $1.3 million intended for buying additional production batches in September 2022, it put the project at risk and jeopardized its production.
Threat actors are currently capitalizing on the enormous demand in Flipper Zero and its scarcity by setting up fictitious stores that purport to offer it. Security expert Dominic Alvieri identified these phishing efforts after spotting two bogus Flipper Zero businesses and three fake Twitter profiles.
The phony Flipper Zero Twitter account initially has the same handle as the real account, at least on the surface. However, it employs a capital “I” in the name, which appears on Twitter as an “l.” In order to appear genuine, this fake Twitter account is actively replying to inquiries regarding availability and other accounts’ tweets.
One of the fraudulent stores is still active online as of the time of writing this and claims to provide Flipper Zero, the Wi-Fi module, and the case for the same price as the actual shop. Buyers are intended to be sent to a phishing checkout page where their email addresses, complete names, and shipping addresses are required to be entered. After being offered the option to pay with Ethereum or Bitcoin, victims are informed that their order will be executed within 15 minutes of submission.
Since no payments have been made to the specified wallet addresses, the specific store failed to deceive any security researchers or exploit different wallets for each transaction. Since then, the threat actors have resorted to accepting cryptocurrency payments, including now Litecoin, using plisio.net invoicing. These invoices, however, fail to function and indicate that the order has expired.
Cybercriminals will keep trying to pose as Flipper Zero through phony stores in an effort to dupe security enthusiasts into handing over their personal information and cryptocurrency as long as there is still demand and a lack of the product. As a result, it is crucial to watch out for these special offers and stores that advertise immediate product availability and only make purchases from the official store.
