
A new, custom firmware for the popular Flipper Zero multi-tool device is reportedly capable of bypassing the advanced rolling code security systems in place on millions of modern vehicles, raising significant concerns about vehicle theft and automotive cybersecurity. Demonstrations by the YouTube channel "Talking Sasquatch" reveal that this firmware, circulating on dark web forums, can clone a vehicle's key fob with a single, brief signal capture. This development neutralizes a key anti-theft measure, potentially impacting major manufacturers like Chrysler, Dodge, Fiat, Ford, Hyundai, Jeep, Kia, Mitsubishi, and Subaru.

The Flipper Zero, a compact device favored by security researchers and enthusiasts, is designed for interacting with various wireless protocols, including those used by car key fobs. While intended for legitimate security research, its versatility makes it a potent tool in the wrong hands. The new 'DarkWeb' firmware exploits the device's capabilities to intercept and manipulate radio signals, circumventing protections previously considered robust.

Rolling code security, the industry standard for vehicle keyless entry for decades, generates a unique, unpredictable code with each key fob press, preventing simple replay attacks. The new firmware reportedly bypasses this by exploiting synchronization vulnerabilities, potentially through methods similar to "RollJam" or "RollBack" attacks. This allows an attacker to capture a valid, unused code, rendering the original key fob de-synchronized and non-functional.

The implications for vehicle owners are substantial, as a successful attack could lead to immediate vehicle theft and leave owners stranded with inoperable key fobs. Industry experts suggest that addressing this widespread vulnerability may necessitate extensive hardware modifications or even mass vehicle recalls, representing potentially billions of dollars in remediation costs for manufacturers.
Vehicle owners are advised to be vigilant and consider additional physical security measures, while manufacturers face pressure to implement more robust, future-proof security mechanisms.