Thanks to Malwarebytes’ Stefan Dasic who provided the research and screenshots for this article.
Flipper Zero, a “multi-tool device for hackers”, is frequently out of stock due to its popularity in hardware circles. Flipper Zero combines research and penetration hardware tools into a single unit. It can be used straight out of the box, but it’s also open-source and customizable, so users can extend its functionality however they like.
A steady stream of influencers promoting the product only makes the device ever more desirable, and the lack of availability makes it a big draw for fraudsters looking to turn a quick profit.
(Source: Flipper Zero Kickstarter page)
Sites claiming to sell Flipper Zero have previously been spotted on both Instagram and Twitter. Our researchers have recently found several bogus sites that claim to sell Flipper Zero. We’re going to walk you through one.
Most bogus Flipper Zero sites mimic the clean design of the real thing located at the genuine site, flipperzero.one. The sites also tend to make use of HTTPs, and come complete with a padlock in the URL bar. Note that HTTPs on a site does not mean it’s legitimate by its presence alone, it only means that the connection between your device and the site is encrypted.
zerotools[dot]net targets European consumers (Source: Stefan Dasic | Malwarebytes)
A genuine Flipper Zero costs $169. Some fake sites will overcharge if they want you to panic at the lack of supply. Others will undercharge if they want you to think you’ve found the last stock in town. In our example, the standard price on zerotools[dot]net is €199.99 ($220.24), excluding any additional fees like shipping.
The site asks for the sort of personal details you are typically asked for when ordering something online, such as full name and address. If you’re on the genuine Flipper Zero site, payment methods will include card, PayPal, and Google Pay. Our fake site, zerotools[dot]net, leans heavily toward cryptocurrency payments. Scammers prefer this mode because cryptocurrency transactions are much more difficult to trace than traditional payment methods such as those on the genuine site.
Specifics about the Bitcoin wallet used for the site above are not available. However, a wallet used on another fake Flipper Zero site currently contains some coins, which may indicate people have fallen for the scam.
Malwarebytes products block these sites to protect users from getting scammed.
Malwarebytes removes all remnants of ransomware and prevents you from getting reinfected. Want to learn more about how we can help protect your business? Get a free trial below.