Its creators call it a “multi-tool” device. For many users, it’s a hacking accessory. Since it first debuted in 2020, the Flipper Zero has been considered a fun, low-key pen-tester, but a new report bolsters claims made by the tool’s critics, many of whom have argued that it makes nefarious hacking just a little too easy.

404 Media reports that claims the Flipper has become a favorite in a digital underground where low-level hackers create and sell their own software to modify the tool’s abilities. 404 spoke with a hacker who goes by the moniker “Daniel,” who has been responsible for peddling patches that can turn the Flipper into a car-unlocking device. This customized software is bought and sold with cryptocurrency, the outlet notes. It has two tiers: one worth $600, in which the buyer gets the latest version of the software, and the other costs $1,000 (wherein the buyer gains access to “future upgrades and support”). The hacker told 404 Media that he had sold his wares to approximately 150 people. “Maybe someone is using it to steal from cars or steal cars,” Daniel told them.

Using the simple software workarounds, would-be car thieves seem to have quite a lot of options. Indeed, Daniel’s software patches are alleged to work on a broad variety of car brands. 404 writes:

Daniel shared a PDF which lays out the vehicles the patches allegedly work against. It names nearly 200 specific models of vehicles, including many 2025 versions. As well as Subaru, Fiat, Ford, Mitsubishi, Suzuki, Peugeot, Citroën, Volkswagen, Skoda, and Audi, the document also says Honda is in development.

Daniel, who markets his software on YouTube, also told 404 that he had instituted guardrails to keep users from “cracking” his software and thus using it without paying him. However, 404 reports that software like the kind Daniel sells is being cracked, which allows for its broader (and free) distribution.

Flipper doesn’t seem to feel that any of this is its problem. In a statement shared with 404, the company claimed that it was “not aware of any officially confirmed cases of theft using a Flipper Zero.” It added: “We have seen reports from researchers who have used Flipper Zero with third-party software and hardware to exploit brazen vulnerabilities in certain cars. We hope car manufacturers will take the security of their products more seriously and patch them up immediately, as carjackers have access to extremely sophisticated black market tools.” Gizmodo reached out to Flipper Devices for more information.

Authorities have long accused the Flipper of aiding and abetting car thieves. In February of last year, the Canadian government moved to ban the tool, along with other “devices used to steal vehicles by copying the wireless signals for remote keyless entry.” At the time, Flipper’s developers said that they were being unfairly scapegoated as the hacker boogeymen behind the nation’s car theft problem. The COO of Flipper Devices, Alex Kulagin, argued that there were many other devices sold online that were specifically marketed as car entry devices. Developers have also argued that the Flipper helps expose shoddy corporate security practices. Canada subsequently walked back the ban.