Alert on hacking tool (Flipper Zero) being used to steal cars … including A LOT of Fords

sborsch · Aug 22, 2025

The Drive (and many other pubs) just released an article about this hacking device which will probably let thieves steal your car including and up to 2025 models!

Are you all over this @Ford Motor Company? This is bad on so many levels I don’t even know where or what to rant about with this hack! While it says “Mustang” in the chart that accompanies this YouTube video about the hack, does that include the Mach-e and when will a patch be available?

Ford Mustang Mach-E Alert on hacking tool (Flipper Zero) being used to steal cars … including A LOT of Fords IMG_1393

XGC75 · Aug 22, 2025

We've thought the MME was fairly secure for a while now given it's unorthodox entry method, but it may be less so nowadays for this reason. I might go with PaaK for a while despite its spotty reliability until/unless this is patched.

Underground Flipper Zero Firmware Purportedly Unlocks Nearly 200 Car Models

https://ground.news/article/undergr...m_source=mobile-app&utm_medium=newsroom-share

https://gizmodo.com/flipper-zero-cars-hacking-2000646318

flapjake314 · Aug 22, 2025

the chart itself doesn't name the mach-e as you noted but it is also listed as model up to 2014...?

azerik · Aug 22, 2025

Video already pulled by YT. I expected it to be a flipperzero. We've played with these in the past and they have a good amount of power, fairly scary.

Blue highway · Aug 22, 2025

... the flipper... yawn....it has been around since 2020. It can do a range of things. Think of it as a way to clone a wireless signal including a key fob.

The list of cars is beyond misleading.

sborsch · Aug 22, 2025

@flapjake314 article in The Drive did say up to 2025 models but as you said, @Blue highway the list is note definitive. Wonder if that is why the video got pulled, @azerik as it’s not factual or up to YT standards.

azerik · Aug 22, 2025

If it shows how to do it they'll pull it. (even though Flipper has plenty of video on how)
They eventually pulled the Kia video after tons a KIA's got stolen and kids said they saw it on YT

Ford Motor Company · Aug 22, 2025

sborsch said:
The Drive (and many other pubs) just released an article about this hacking device which will probably let thieves steal your car including and up to 2025 models!

Are you all over this @Ford Motor Company? This is bad on so many levels I don’t even know where or what to rant about with this hack! While it says “Mustang” in the chart that accompanies this YouTube video about the hack, does that include the Mach-e and when will a patch be available?

Our team is aware and investigating! If at any point there is action we advise owners to take, I’ll make sure to share it here.

TheSeg · Aug 22, 2025

404Media did the original reporting and is much better at explaining the situation and the context.

https://www.404media.co/inside-the-underground-trade-of-flipper-zero-tech-to-break-into-cars/

Jeff-NoVA · Aug 22, 2025

I think it's worth remembering, this is a $600 custom firmware for the Flipper Zero that a Russian guy has so far sold to a handful of people, many of them private dealers. This isn't something teens are likely to be running around your neighborhood using.

eponey · Aug 23, 2025

Supposedly the vulnerability conceptually has been around for a while and it only unlocks the car but does not start it...yet.

ipca204 · Aug 23, 2025

of th many things I worry about, THIS is not one of them....lol

Mach-Lee · Aug 23, 2025

To avoid being hacked, do not use the buttons on your key fob. Phone-as-a-key would be immune to it since those use Bluetooth instead of 315 MHz. I also don't think it will work with intelligent access, just the remote buttons. And they can't start your car.

Honestly it was a matter of time before rolling code fobs would be hacked, I'm surprised it lasted this long.

XGC75 · Aug 23, 2025

Mach-Lee said:
To avoid being hacked, do not use the buttons on your key fob. Phone-as-a-key would be immune to it since those use Bluetooth instead of 315 MHz. I also don't think it will work with intelligent access, just the remote buttons. And they can't start your car.

Honestly it was a matter of time before rolling code fobs would be hacked, I'm surprised it lasted this long.

I'm not so sure an unlock key press is required. The key definitely broadcasts evidenced by the car waking up when you walk towards it. Ford could never confirm or deny without risking security, unfortunately.

On the other hand, if I'm the developer of this firmware I wouldn't want to try and make software that can break all the different methods that detect and validate proximity. Hacking a button press seems simpler.

ESJB · Aug 23, 2025

XGC75 said:
I'm not so sure an unlock key press is required. The key definitely broadcasts evidenced by the car waking up when you walk towards it. Ford could never confirm or deny without risking security, unfortunately.

It's maybe the same problem (and solution) as posted by @Trekkie101 in Mach E branded keys back in stock... The solution may be to replace all key fobs with ones that contain a motion sensor. So they only respond to car pings when picked up.

Alert on hacking tool (Flipper Zero) being used to steal cars … including A LOT of Fords

sborsch

Well-Known Member

XGC75

Active Member

flapjake314

Well-Known Member

azerik

Well-Known Member

Blue highway

Well-Known Member

sborsch

Well-Known Member

azerik

Well-Known Member

Ford Motor Company

Well-Known Member

TheSeg

Well-Known Member

Jeff-NoVA

Well-Known Member

eponey

Well-Known Member

ipca204

Well-Known Member

Mach-Lee

Well-Known Member

XGC75

Active Member

ESJB

Active Member

Similar threads