Malwarebytes M on a Flipper Zero unit

Fake Flipper Zero sellers are after your money

Thanks to Malwarebytes’ Stefan Dasic who provided the research and screenshots for this article.

Flipper Zero, a “multi-tool device for hackers“, is frequently out of stock due to its popularity in hardware circles. Flipper Zero combines research and penetration hardware tools into a single unit. It can be used straight out of the box, but it’s also open-source and customizable, so users can extend its functionality however they like.

A steady stream of influencers promoting the product only makes the device ever more desirable, and the lack of availability makes it a big draw for fraudsters looking to turn a quick profit. 

(Source: 

Sites claiming to sell Flipper Zero have previously been spotted on both Instagram and Twitter. Our researchers have recently found several bogus sites that claim to sell Flipper Zero. We’re going to walk you through one. 

The makings of a fake Flipper Zero site

Most bogus Flipper Zero sites mimic the clean design of the real thing located at the genuine site, flipperzero.one. The sites also tend to make use of HTTPs, and come complete with a padlock in the URL bar. Note that HTTPs on a site does not mean it’s legitimate by its presence alone, it only means that the connection between your device and the site is encrypted. 

zerotools[dot]net targets European consumers (Source: Stefan Dasic | Malwarebytes)

A genuine Flipper Zero costs $169. Some fake sites will overcharge if they want you to panic at the lack of supply. Others will undercharge if they want you to think you’ve found the last stock in town. In our example, the standard price on zerotools[dot]net is 199.99 ($220.24), excluding any additional fees like shipping.

The site asks for the sort of personal details you are typically asked for when ordering something online, such as full name and address. If you’re on the genuine Flipper Zero site, payment methods will include card, PayPal, and Google Pay. Our fake site, 

zerotools[dot]net, leans heavily toward cryptocurrency payments. Scammers prefer this mode because cryptocurrency transactions are much more difficult to trace than traditional payment methods such as those on the genuine site.”>

Specifics about the Bitcoin wallet used for the site above are not available. However, a wallet used on another fake Flipper Zero site currently contains some coins, which may indicate people have fallen for the scam.

How to avoid fake Flipper Zero sites

  • Buy straight from the developers. You can purchase units from the official website, flipperzero.one, or from the Kickstarter page. You may be waiting a while before they become available again, but at least when they do you know you’ll be getting your hands on the real thing.
  • Buy from legitimate retailers. There are a handful of shops online that Flipper Zero developers recognize as genuine sellers of Flipper units. We’ve replicated the list from the official Discord server.
  • Familiarize yourself with the official site. Take note of the real URL, the payment methods available, and be wary of sites pushing a price that’s too high or too good to be true.

Malwarebytes products block these sites to protect users from getting scammed.


Malwarebytes removes all remnants of ransomware and prevents you from getting reinfected. Want to learn more about how we can help protect your business? Get a free trial below.

TRY NOW

ABOUT THE AUTHOR

Jovi Umawing

Knows a bit about everything and a lot about several somethings. Writes about those somethings, usually in long-form.