Introduction

I’ve always thought the Flipper Zero was a pretty cool gadget to mess around with, but honestly, its price tag made me wonder if it was worth the investment. Well, I finally gave in and bought one and let me tell you once you start seeing what the community has done with it, you’ll realize this device has been pushed far beyond its original purpose.

While digging through different resources, I ran into rumor that caught my attention: there is a custom firmware that enables the Flipper Zero to intercept and emulate automotive key fobs. I was skeptical at first, but the idea was too intriguing to ignore, so I decided to dig deeper.

The Russian "dark web" firmware

Circulating for quite some time under different names, including Unleashed 2.0, Private Unleashed, Private CFW, Codegrabber CFW, Quantum 3.0, they all refer to the same firmware, developed by a Russian individual known as Eng1n33r. His real identity has allegedly already been leaked and he's believed to be the original creator of the Unleashed firmware, although the circumstances surrounding his departure from the project remain unclear.

The firmware claims that it is capable of creating a shadow copy of a vehicle key fob by intercepting a single transmission. According to the documentation, this affects vehicles from multiple manufacturers, including KIA, Ford, Audi, Volkswagen, and many others, with even modern models said to be vulnerable. Below is a list of the affected models:

Private unleashed models page 1

Private unleashed models page 2

The price of the firmware is $600 for the basic version or $1000 for the extended version, which includes future updates and support, with the only accepted payment option being cryptocurrency, obliviously. To prevent unauthorized redistribution, the developer has also implemented some kind of hardware identifier lock.

Despite the efforts to prevent leaking the firmware, recently there has been a cracked version released to the public, that bypasses the hardware identifier lock. This caused a surge in news about the firmware and YouTube videos showcasing its capabilities. It also opened the door for reverse engineering the firmware, sparking interest in the community about turning it into an open-source project.

Release of the ProtoPirate app

That's exactly what happened. Members of The Pirates' Plunder group have created ProtoPirate, a Flipper app package that is free, open source, and can be used on any firmware. The project quickly gained attention, attracting many contributors. The app already supports nearly all the vehicle models of the leaked firmware, with further development highly anticipated.

The app repository was originally hosted on GitHub, but Eng1n33r and his business partner Derrow filed DMCA take-down notices that resulted in its removal. They claim that ProtoPirate contains their “copyrighted” code that is not under an open-source license. Meanwhile, the Flipper Zero firmware is licensed under GPLv3, which explicitly prohibits the creation of closed-source projects based on its code. Due to GitHub’s notorious “ban first, talk later” approach to DMCA enforcement, the developers were forced to relocate the repository to the current self-hosted Gitea instance.

The situation has since escalated. Members of The Pirates’ Plunder have been subjected to repeated DDoS attacks and ongoing online harassment, including doxxing and threats. It is very clear that Eng1n33r and Derrow are attempting to undermine and discredit the project after it rapidly gained popularity and began threatening with their business.