A phishing campaign has been taking advantage of the increasing interest of the security community in the Flipper Zero tool.
Flipper Zero is a multi-functional portable cybersecurity tool for pen-testers and hacking enthusiasts. The tool allows experts to play around with different hardware by supporting RFID emulation, radio communications, digital access key cloning, NFC, Bluetooth, and infrared, among others and more.
Due to some production issues, the product is facing some supply chain shortages, while its demand is growing continuously. Now, this multi-functional cybersecurity tool is being abused by threat actors to steal personal details and cryptocurrency.
Fake selling Flipper Zero
Cybercriminals are taking advantage of the big interest in the Flipper Zero tool and its lack of availability by creating fake shops and faking to sell it.
- A security researcher spotted the phishing campaigns, including two fake Flipper Zero stores and three fake Twitter accounts.
- One of the fake Twitter accounts has the same handle as the official Flipper Zero account. However, it was spotted using a capital “I” in the name that looks just like an “l” on Twitter.
- This fake Twitter account responds to people regarding availability and other accounts' tweets to make it look genuine.
The aim behind attacks is to take buyers to the phishing checkout page, where they are urged to enter their full names, shipping addresses, and email addresses.
What happens next?
- The victims are given a choice to pay using Ethereum/Bitcoin and told that the order will be processed within 15 minutes.
- The attackers appear to have recently switched to using plisio[.]net invoices to accept crypto payments, including Litecoin. However, these invoices are not working, stating that the order is expired.
Conclusion
Threat actors are creating fake shops to fool security experts into giving up their personal details and cryptocurrency is nothing new. Thus, stay alert regarding promotions and shops claiming quick availability of authentic products.
Publisher
/https://cyware-ent.s3.amazonaws.com/image_bank/7e27_shutterstock_792842674.jpg)
/https://cyware-ent.s3.amazonaws.com/image_bank/shutterstock_389995999.jpg)
