Millions of Vehicles Vulnerable as Flipper Zero Firmware Reportedly Bypasses Rolling Code Security

A new custom firmware for the popular Flipper Zero multi-tool device is reportedly capable of bypassing the advanced rolling code security systems used in most modern vehicles, potentially putting millions of cars at significant risk of unauthorized access. Demonstrations by security researchers indicate that this firmware, circulating on dark web forums, can clone a vehicle's key fob with just a single, brief signal capture.

Rolling code security, a long-standing industry standard, was designed to prevent vehicle theft by generating a new, unique code with each key fob press, rendering simple replay attacks ineffective. However, this new Flipper Zero firmware allegedly circumvents these protections by reverse-engineering the cryptographic sequence from a single intercepted signal. This allows it to emulate all key fob functions, including lock, unlock, and trunk release, effectively creating a master key.

A critical consequence of this exploit is that the original, legitimate key fob becomes immediately desynchronized from the vehicle and ceases to function, serving as a potential indicator of compromise for vehicle owners. Affected manufacturers reportedly include Chrysler, Dodge, Fiat, Ford, Hyundai, Jeep, Kia, Mitsubishi, and Subaru, with ongoing development to target additional brands. The firmware is said to originate from a Russian hacker and is being sold on dark web channels for up to $1,000, though security researchers have managed to bypass its serial locks.
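To make the replay protection and the desynchronization symptom described above concrete, here is an added example that is not from the article, the firmware, or any manufacturer. It models a generic counter-based rolling code with a truncated HMAC; the key, window size, frame layout, and all class and function names are assumptions chosen for illustration. It shows a receiver rejecting a replayed frame and counting authentic-but-stale frames, which is the signal a legitimate fob produces once another transmitter has advanced the counter.

```python
import hmac, hashlib

KEY = b"constructed-demo-key"   # constructed sample secret shared by fob and car
WINDOW = 16                     # assumed look-ahead window of accepted counters

def frame(key, counter, button):
    """Build a fob frame: 4-byte counter, 1-byte button, 8-byte truncated MAC."""
    msg = counter.to_bytes(4, "big") + bytes([button])
    return msg + hmac.new(key, msg, hashlib.sha256).digest()[:8]

class Fob:
    def __init__(self, key, counter=0):
        self.key, self.counter = key, counter
    def press(self, button):
        self.counter += 1       # every press uses a fresh counter value
        return frame(self.key, self.counter, button)

class Receiver:
    def __init__(self, key):
        self.key, self.last = key, 0
        self.stale_valid = 0    # authentic frames whose counter was already passed
    def handle(self, data):
        msg, tag = data[:5], data[5:]
        good = hmac.new(self.key, msg, hashlib.sha256).digest()[:8]
        if not hmac.compare_digest(tag, good):
            return "bad-mac"
        counter = int.from_bytes(msg[:4], "big")
        if counter <= self.last:
            self.stale_valid += 1   # a replay, or a fob left behind by another sender
            return "stale"
        if counter - self.last > WINDOW:
            return "out-of-window"
        self.last = counter
        return "accepted"

def simulate():
    car, owner = Receiver(KEY), Fob(KEY)
    first = owner.press(1)
    results = [car.handle(first), car.handle(first)]   # genuine press, then its replay
    # Model a second transmitter holding the same state, as the article reports.
    second = Fob(KEY, counter=owner.counter)
    results += [car.handle(second.press(1)) for _ in range(3)]
    results.append(car.handle(owner.press(1)))         # owner's next press is now behind
    return results, car.stale_valid

if __name__ == "__main__":
    print(simulate())
```

In this model the `stale_valid` counter is the defender-side view of the indicator the article mentions: a frame that authenticates correctly but arrives with an already-passed counter.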

The Flipper Zero development team, however, has refuted claims that their device can "steal cars" with this firmware. In a recent blog post, they stated that the firmware utilizes techniques documented as far back as 2006 and that real car thieves employ specialized relay tools to start engines, which the Flipper Zero cannot do. Despite this, security experts like Jeremy Yablan, known as RocketGod, emphasize the firmware's capability to instantly decode all key fob buttons from a single keypress.

The vulnerability poses a significant challenge for the automotive industry, as a simple software update is unlikely to provide a comprehensive fix. Experts warn that the only effective solution might involve mass recalls to replace physical components in affected vehicles, a logistically and financially daunting prospect for manufacturers. This development underscores the ongoing need for robust, adaptive security measures in an increasingly connected automotive landscape.