Open source tool Flipper Zero sparks debate as firmware hacks raise car theft fears, with automakers and its creators responding to security concerns.
Flipper Zero, an open source, customisable multi-tool for hackers, has drawn fresh scrutiny over its potential misuse in vehicle theft. First crowdfunded in 2020 with nearly $5 million, the handheld device was marketed as a penetration testing tool combining multiple hacking utilities in one case. Initially sold for around $115, it now retails for about $200, featuring a toylike dolphin mascot “who really loves to hack.”
The latest concern centres on underground sellers offering firmware that allegedly allows Flipper Zero to emulate key fobs for vehicles from Ford, Audi, Volkswagen, Subaru, Hyundai, Kia, and others. The code exploits known vulnerabilities in the KeeLoq cipher dating back to the mid-1980s, according to a report by 404 Media.
Hyundai responded: “Hyundai is aware of recent media reports of custom firmware for the Flipper Zero tool that targets certain key fobs for vehicles made by several automakers. We are evaluating this issue and, to date, have not identified any confirmed cases of this method being used in thefts of Hyundai or Genesis vehicles.”
Kia offered a similar stance: “As of August 28, 2025, Kia America has not received a customer or law enforcement report or complaint related to this issue. We take the impact of theft on Kia customers very seriously, and therefore will continue to monitor the situation closely in the U.S.” VW, Ford, and Subaru have yet to respond.
The Flipper Zero team defended its device, stating: “Real car thieves don’t use Flipper Zero—they have purpose-built relay tools.” The company also emphasised that the unlocking software is over a decade old and does not enable starting a vehicle.
The debate underscores the dual nature of open source tools: they empower research and innovation but also create pathways for misuse. Flipper Zero now sits at the centre of this larger conversation on ethics, transparency, and responsibility in open source development.
