The ‘DarkWeb’ firmware for Flipper Zero circumvents rolling code security systems used by several leading car manufacturers.

A new custom firmware for the Flipper Zero multi-tool device poses a significant threat to vehicle security by reportedly bypassing the rolling code systems used in many modern cars. Demonstrations from the YouTube channel “Talking Sasquach” indicate that this firmware, which is circulating on the dark web, can clone a vehicle’s keyfob with just a single, brief signal capture. Rolling code security has been the industry standard for keyless entry for decades, designed to prevent replay attacks by generating a unique code each time a button is pressed. Unlike previous complex attacks, such as “RollJam,” which required jamming the vehicle’s receiver, this new exploit is alarmingly simple. An attacker only needs to be within range to capture a single button press from the target’s keyfob, allowing the Flipper Zero to reverse-engineer the cryptographic sequence and emulate all keyfob functions, effectively creating a master key.

The implications of this vulnerability are severe, as the legitimate keyfob becomes desynchronised from the vehicle and ceases to function after a successful attack. This could serve as the first indication for an owner that their vehicle’s security has been compromised. Two primary theories exist regarding how the firmware achieves this exploit. One theory suggests that it involves reverse engineering the rolling code sequence, potentially aided by prior leaks of manufacturer algorithms or extensive brute-force attacks. Alternatively, some security experts point to a known vulnerability detailed in an academic paper called “RollBack,” which involves capturing several codes and replaying them in a manipulated order to trick the vehicle’s synchronisation counter. Regardless of the method, the outcome remains the same: one captured signal grants full access to the vehicle. Affected manufacturers include popular brands such as Chrysler, Dodge, Fiat, Ford, Hyundai, Jeep, Kia, Mitsubishi, and Subaru.

The ‘DarkWeb’ firmware for Flipper Zero circumvents rolling code security systems used by several leading car manufacturers.

A vulnerability in Lenovo webcams that run on Linux can be exploited remotely, allowing for potential BadUSB attacks.

A vulnerability in the Cursor AI Code Editor allows for remote code execution (RCE) by swapping in a malicious MCP file after it has been approved.

A vulnerability chain in NVIDIA Triton has the potential to allow attackers to gain control over AI servers.

Researchers took advantage of kernelCTF instances on Google and a zero-day vulnerability in Debian 12.

SonicWall is looking into a possible zero-day vulnerability in its SSL VPN following reports of over 20 targeted attacks.

1.2 million healthcare devices and systems have had their data exposed online, putting patient records in jeopardy of being compromised.

Similar Posts