Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter
newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.

Phishing campaign directly targets cyber experts

Cyber experts have become the latest target for bad actors after a phishing campaign offering a highly sought-after cyber tool was discovered.

user icon Daniel Croft
Mon, 09 Jan 2023
Phishing campaign directly targets cyber experts
expand image

The device in question is the Flipper Zero, a portable multi-tool that allows users to hack a multitude of devices, such as RFID locks on cars, and radio protocols. The technology is “open source and customisable”, allowing users to use it for a wide range of use cases.

The device’s cutesy handheld, toy-like appearance combined with its powerful hacking ability drew in massive interest when first announced in 2020, earning it 81 times its Kickstarter goal of $60,000 for a total of almost $4.9 million.

With production and supply issues affecting the amount of available stock, cyber criminals are taking advantage of the desperation of cyber experts, offering them false promises of a Flipper Zero in exchange for cryptocurrency.

The phishing campaign was first discovered by security researcher Dominic Alvieri at the beginning of December after he found three fake Twitter accounts and two fake websites claiming to sell the product.

One fake Twitter account drew particular attention, appearing to have the exact same handle as the official Twitter account, except using a capital I instead of a lowercase L, both of which look the same on the platform.

The account also responds to messages of availability and the tweets of the real account.

The sites offer Flipper Zero for the same price as the actual website — US$169.

Buyers unknowingly going through the fake platforms will be taken to a checkout page where they enter standard information such as name, email and delivery address, before being asked if they would like to pay in either Ethereum or bitcoin, two of the most popular cryptocurrencies.

While the sites are indeed still active, according to BleepingComputer, the crypto wallets that tricked users would pay into have no history of receiving payments, meaning bad actors change the wallet every time, or have failed to trick anyone.

Due to the high demand and low supply of the product, it is unlikely that this will discourage cyber criminals from continuing their efforts, so those looking for a Flipper Zero should remain vigilant, and ensure that when buying one, they only use the official website, which can be found here.

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.