WWW.404MEDIA.CO
Inside the Underground Trade of Flipper Zero Tech to Break into Cars
A man holds an orange and white device in his hand, about the size of his palm, with an antenna sticking out. He enters some commands with the built-in buttons, then walks over to a nearby car. At first, its doors are locked, and the man tugs on one of them unsuccessfully. He then pushes a button on the gadget in his hand, and the door now unlocks.

The tech used here is the popular Flipper Zero, an ethical hacker's Swiss Army knife, capable of all sorts of things such as WiFi attacks or emulating NFC tags. Now, 404 Media has found an underground trade where much shadier hackers sell extra software and patches for the Flipper Zero to unlock all manner of cars, including models popular in the U.S. The hackers say the tool can be used against Ford, Audi, Volkswagen, Subaru, Hyundai, Kia, and several other brands, including sometimes dozens of specific vehicle models, with no easy fix from car manufacturers.

These tools are primarily sold for a fee, keeping their distribution somewhat limited to those willing to pay. But there is the looming threat that this software may soon reach a wider audience of thieves. Straight Arrow News (SAN) previously covered the same tech in July, and the outlet said it successfully tested the tool on a vehicle. Now people are cracking the software, meaning it can be used for free. Discord servers with hundreds of members are seeing more people join, with current members trolling the newbies with fake patches and download links.

If the tech gets out, it threatens to supercharge car thefts across the country, especially those part of the social media phenomenon known as Kia Boys in which young men, often in Milwaukee, steal and joyride Kia and Hyundai cars specifically because of the vehicles' notoriously poor security.
Apply that brazenness to all of the other car models the Flipper Zero patches can target, and members of the car hacking community expect thieves to start using the easy-to-source gadget.

"Kia Boys will be Flipper Boys by 2026," Cody Kociemba, a reverse engineer who goes by the handle Trikk and who has cracked some of the software, told 404 Media.

Do you know anything else about people using the Flipper Zero to break into cars? I would love to hear from you. Using a non-work device, you can message me securely on Signal at joseph.404 or send me an email at joseph@404media.co.

The Flipper Zero was first announced on Kickstarter in 2020 and raised nearly $5 million. Since then, hackers and hobbyists have made their own Flipper Zero firmware to make the tool even more powerful. There is Unleashed which opens up the device to perform more RFID or USB attacks, for example. A hacker called Daniel told 404 Media he is the original creator of the Unleashed firmware.

Daniel also sells his car-unlocking Flipper Zero patches for either $600 or $1,000, paid in cryptocurrency. With the former, you just get the latest version. With the latter, you receive future upgrades and support. Daniel claimed to 404 Media he has sold tech to around 150 people over the past two years.

"Maybe someone is using it to steal from cars or steal cars," Daniel said. They also said it is in demand from locksmiths or car shop owners.

On YouTube, Daniel shows the device being used on a Ford vehicle; another targets a Volkswagen; some show Kias; and another is a Solaris KRX. Just a few days ago, Daniel uploaded a new video demonstrating what he described as a big upgrade for the software, and its capabilities against more vehicles. Daniel has a partner who goes by the name Derrow and also sells the tech. They have their own website that includes a list of recent updates: in July the team added support for Citroen and Peugeot.
This month, they added more Ford models.

A screenshot of Daniel's YouTube channel's recent videos.

Some of those videos show road signs in Russian, including for an airport in Moscow; Daniel told 404 Media he was based in Russia.

For years police have highlighted the prevalence of another type of attack, called a relay attack, which essentially extends the range of a victim's keyfob. With that, a thief can unlock a car, say, in a driveway, while the keyfob is still inside a target's home. I previously spoke to someone who sells this sort of tech to target luxury vehicles.

One countermeasure to techy-car thieves is the use of rolling codes. Modern vehicles use a different code each time to unlock a vehicle, which is supposed to stop thieves who clone the fob from being able to break into a car. But with this Flipper Zero attack, the tool intercepts a target's keyfob code, then calculates what the next code will be, unlocking the vehicle. Daniel described it as a "shadow copy" of the original key. (A side effect is that the attack can desynchronize the real keyfob, meaning the actual owner won't be able to open their car until it is reset. A comment on one of Daniel's YouTube videos from someone with "locksmith" in their username says "I'm going to make a fortune fixing desynced fobs.")

To build this capability, Daniel said he has bought various pieces of source code from other people. That includes code related to grabbing details transmitted by the keyfob; code concerning spare keys; and other specific hardware. Daniel and Derrow then created this new capability and configured it to work with a Flipper Zero and Raspberry Pi respectively, Daniel said.

Derrow told 404 Media in an email that "Some cars like Kia are not using any protection at all, which makes it easy to open them. For other vendors you must know the source code, then you can open them too."

Screenshots of the PDF provided by Daniel.

Daniel shared a PDF which lays out the vehicles the patches allegedly work against.
It names nearly 200 specific models of vehicles, including many 2025 versions. As well as Subaru, Fiat, Ford, Mitsubishi, Suzuki, Peugeot, Citroen, Volkswagen, Skoda, and Audi, the document also says Honda is in development.

"There isn't really anything people can do to defend against it, other than not using their key fob, and the vehicles affected is a pretty huge list," Trikk, the reverse engineer, said.

404 Media contacted all of the vehicle manufacturers mentioned in the document. Most did not provide a statement on whether they were aware of the attack or what they were doing to mitigate it. Ford declined to comment.

"Hyundai is aware of recent media reports of custom firmware for the Flipper Zero tool that targets certain key fobs for vehicles made by several automakers. We are evaluating this issue and, to date, have not identified any confirmed cases of this method being used in thefts of Hyundai or Genesis vehicles," a Hyundai spokesperson told 404 Media.

Flipper Devices, the company that makes the Flipper Zero, told 404 Media in an email that "we are not aware of any officially confirmed cases of theft using a Flipper Zero." It stressed that the Flipper Zero is a multipurpose tool intended for security researchers to test and demonstrate vulnerabilities in a responsible manner.

"We have seen reports from researchers who have used Flipper Zero with third-party software and hardware to exploit brazen vulnerabilities in certain cars. We hope car manufacturers will take the security of their products more seriously and patch them up immediately, as carjackers have access to extremely sophisticated black market tools," the statement added. "Ultimately, the real issue lies in how some car manufacturers continue to ship systems with outdated security models. Until companies take security more seriously and roll out regular updates, these vulnerabilities will persist regardless of the tool used."

The site that new visitors asking for the tool are directed to.
When customers buy his patch, Daniel says he requires photos from the Flipper Zero's box showing the device's serial number, and a photo of a specific part of the gadget's settings. This is to lock the purchased patch to a customer's device, so as to prevent stealing, unauthorised distribution, reverse-engineering and any other unwanted manipulations, Daniel said.

His partner Derrow distributes the patches similarly. Their website reads "All Firmwares are personalized and it is strictly forbidden to pass it to any third party! Violating this rule disqualifies you for any further support, and your Firmware and account will be blacklisted for further use!"

With a cracked version, anyone with a Flipper Zero and some basic tech knowledge could use the gadget to break into cars without having to pay the original developers. Daniel acknowledged that some people had cracked his software, but claimed that the newest versions were still secure.

Trikk said cracked versions of the software are being guarded by people who have it in an attempt to stop abuse. When new people join Discord servers that discuss the tech, they often ask for a free version of the tool. In response, members of one reply with the link https://private.unleashedv2.dev/, which redirects to a flashy webpage that says "fuck you" and "you don't belong here." Trikk said people who ask are also given the "Firmware Curious" Discord role as a mark of shame. Trikk also sent 404 Media a video which showed a person being trolled with a fake version of the tool which claims to have found a Rolls-Royce Ghost nearby; the person pans their camera seemingly looking for the vehicle but doesn't find one.

"It's more so a litmus test to get rid of the skids easily," Trikk said, referring to script kiddies, or "skids," which are hackers with a lower technical ability.

But cracked versions are starting to trickle out from the community.
A source sent 404 Media a copy of the cracked tool, including scripts for Kia and Suzuki vehicles.

"I think there will be a lot of noobs that want to play around with it because it's cool, and end up bricking their key fobs, and others will likely try to use it to break into/steal cars," Trikk said. "Unfortunately with the original author selling it to anyone who has the money, it's going to be available very soon, and open sourced shortly thereafter."

Derrow, one of the developers, told 404 Media the sale is currently going through the roof.