They call it a ‘tamagotchi for hackers’, but the popularity of Flipper Zero has made it a real threat for more and more scenarios and devices. In recent days, new and very annoying attacks have been discovered for owners of Android, iOS and Windows devices, but they all depend on one thing.

Notifications that don’t stop. Security researcher Jeroen van deer Ham was traveling by train in the Netherlands a few days ago when his iPhone suddenly started showing a bunch of notifications that made it almost impossible to use his device. On his return the same thing happened to him and to other passengers on the train, but he soon recognized a passenger who had also gone with him on the way out. He noticed that he was doing something strange with his MacBook, and ended up putting two and two together.









‘Bluetooth Spam’. It turned out that the cybercriminal was using a Flipper Zero to send Bluetooth pairing requests to all iPhones in its range. These continuous notifications were part of a type of denial of service attack in which a device receives so many messages and requests that it ends up “drowning” in them and is no longer able to respond or be used normally.

Flipper Xtreme. The ability to do that with the Flipper Zero is due to the recent release of a new firmware called Flipper Xtreme. Van der Ham recreated the attack in a controlled environment and verified that the same thing that had happened to him on the train was indeed happening. The curious thing is that this attack did not affect devices with an iOS version prior to 17.0. Other cybersecurity researchers also reproduced the problem and They published their conclusions in X.

Android and Windows also affected. This same problem also affects Android and Windows devices, as discovered by another researcher in this area who published his evidence on his YouTube channel, Talking Sasquach. At Bleeping Computer they explain how the Bluetooth spam tool for the Flipper Zero consists of several modes of operation, including several specific to iOS 17, Android and Windows. The cybercriminal just needs to choose one to start flooding nearby Bluetooth-enabled devices with constant notifications.

Solution: out Bluetooth. iOS users can prevent this attack by disabling Bluetooth from the device settings. It is important to note that it is not enough to disable Bluetooth from the control center. On Android there are two solutions. The first is to go to Settings -> Google -> Devices and sharing -> Share with Nearby and deactivate the “Show notification” option. The second, disable quick pairing” through Settings -> Google -> Devices and sharing -> Devices and then disable the “Show notifications” option. In Windows you have to go to Settings and, in the Bluetooth section, go to Devices -> Device Settings and then disable the “Show notifications to connect using Swift Pair” option.

An attack that is more annoying than worrying. Although this type of attack ends up being very annoying for affected users, this type of vulnerability does not in principle allow remote code execution or causing direct damage. Even so, it could be used as a route for a later phishing attack, for example, so knowing how to avoid such problems is advisable.

