- ITDM 2025 전망 | 금융 플랫폼 성패, 지속가능한 사업 가치 창출에 달렸다” KB국민카드 이호준 그룹장
- “고객경험 개선하고 비용은 절감, AI 기반까지 마련” · · · AIA생명의 CCM 프로젝트 사례
- 2025年、CIOはAIに意欲的に投資する - そしてその先も
- The best robot vacuums for pet hair of 2024: Expert tested and reviewed
- These Sony headphones eased my XM5 envy with all-day comfort and plenty of bass
New Phishing Campaign Targets Cybersecurity Professionals Using Hacking Tool Flipper Zero
Several social media accounts and fake websites are pretending to sell the sought-after hacking tool Flipper Zero to lure cybersecurity professionals into making cryptocurrency transactions.
This new campaign of angler phishing – a type of social media phishing that involves impersonating corporate social media accounts to interact with their customers – was first uncovered by security researcher Dominic Alvieri on December 2, 2022.
On Twitter, Alvieri warned of three distinct Twitter accounts and two websites impersonating the official Flipper Zero seller to lure potential buyers into sending cryptocurrencies – without sending them the Flipper Zero device in exchange.
At first glance, one of the Twitter accounts looked very similar to the official Flipper Zero. However, upon closer examination, the researcher discovered that the fake account’s handle used a capital “I” instead of an “l.” after the “F.”
The threat actor seems to use different methods, including linking the shop checkout page to Bitcoin and Ethereum wallets and using plisio.net invoices to accept crypto payments.
Flipper Zero is a small cybersecurity tool that looks like a children’s toy, but that offers hackers, pen-testers and cybersecurity enthusiasts a range of features, including RFID emulation, digital access key cloning, radio communications, NFC, infrared, Bluetooth, and more.
It was launched through a Kickstarter campaign in 2020 and received $4,882,784 in pledges, accounting for 81 times more than the $60,000 the company had hoped for.
Over the past year, however, the product suffered from production issues causing supply shortages that made it impossible to meet the still-growing demand.
In September 2022, revenue holdbacks by digital payments platform PayPal put the project at risk, endangering its production by holding $1.3 million destined for ordering new production batches.
The threat actor is leveraging the gap between a high demand and a low supply.
At the time of writing, one online shop and two of the three fake Twitter accounts are still up.