Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons

Social Media

Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons
Search the Site
Popular Searches:
technology Amazon AI
Recent Posts
JetBrains Patches 6 Vulnerabilities in TeamCity, YouTrack, IntelliJ IDEA
July 16, 2026
WhatsApp GhostPairing Flaw Lets Attackers Hijack Accounts
July 16, 2026
Flipper Zero Add-On Detects Skimmers with Specter Tool
July 16, 2026
Home/CyberSecurity News/Flipper Zero Add-On Detects Skimmers with Specter Tool
CyberSecurity News

Flipper Zero Add-On Detects Skimmers with Specter Tool

Key Takeaways A new Flipper Zero application, Specter, transforms the device into a passive tool for detecting active 13.56 MHz NFC readers. The app functions as a counter-surveillance mechanism,...

Sarah simpson
Sarah simpson
July 16, 2026 4 Min Read
3 0

Key Takeaways

  • A new Flipper Zero application, Specter, transforms the device into a passive tool for detecting active 13.56 MHz NFC readers.
  • The app functions as a counter-surveillance mechanism, designed to identify potentially hidden NFC readers, such as those used in skimming devices, near payment terminals or access points.
  • Specter operates by detecting the radio-frequency field emitted by NFC readers, rather than transmitting signals or decoding data.
  • It provides a “warmer-or-colder” indication of proximity to an active NFC field, using visual and haptic feedback.
  • The tool is limited to the 13.56 MHz NFC band and cannot detect 125 kHz low-frequency systems or unpowered/dormant devices.

A novel application named Specter is now available for the Flipper Zero, enhancing the portable multi-tool with passive counter-surveillance capabilities. This new app is specifically designed to locate active 13.56 MHz NFC readers, which could include illicit skimming devices concealed near point-of-sale systems, access control panels, or other sensitive equipment.

Table Of Content

  • Key Takeaways
  • Specter With Flipper Zero
  • What You Should Do

Unlike conventional NFC utilities that perform reading or emulation functions, Specter adopts a listen-only approach. The application refrains from transmitting a carrier signal, querying nearby devices, decoding card traffic, or collecting data. Instead, its primary function is to alert users upon detecting the radio-frequency field continuously emitted by an energized NFC reader.

NFC readers inherently emit a 13.56 MHz field while awaiting the presence of a contactless card, key fob, smartphone, or transit pass. Specter leverages this constant emission as its core detection mechanism.

Specter With Flipper Zero

The Flipper Zero device already incorporates an ST25R3916 NFC chip and a 13.56 MHz high-frequency antenna, hardware typically used for reading, saving, and emulating compatible NFC cards. Crucially, the ST25R3916 family of chips includes an integrated external-field detector designed to identify the presence of an ambient RF field.

Specter reportedly places this hardware into a dedicated detect-only mode, continuously sampling for the presence of an RF field. These samples are then translated into a live “FIELD %” reading, offering users a relative indication of proximity rather than precise signal strength or distance measurements.

The application’s main “Sweep” screen features an intuitive analog-style EMF gauge, a live waveform display, a peak-hold marker, and a prominent red “hot zone” to visually represent nearby NFC activity. As the detected field intensifies or becomes more consistent, the meter needle rises, and the proximity status updates from “FAINT” to “NEAR,” “CLOSE,” or “STRONG.”

When Specter successfully locks onto an active reader, it can display an alarm-style border and provide optional haptic and auditory feedback, including clicks and vibration, alongside the Flipper’s LED. The rate of clicks increases proportionally as the user approaches the source of the field, enabling effective physical sweeping of an area without constant screen observation.

This functionality makes Specter a valuable tool for authorized inspections of various environments, such as point-of-sale systems, office infrastructure, access control installations, packages, or personal items. A security team, for instance, could first calibrate the app against a known legitimate contactless terminal or door reader, then use it to identify and investigate unexpected detections elsewhere.

It is important to note that Specter detects only the presence of an active High-Frequency NFC carrier. It does not identify the specific reader, determine its malicious intent, capture transactions, or reveal any data being processed. Therefore, a positive detection should be considered an investigative lead, not definitive proof of a skimming operation.

The tool’s capabilities are confined to the 13.56 MHz NFC band. It cannot detect older 125 kHz low-frequency systems, such as many HID Prox or EM4100 deployments, due to its reliance on the Flipper’s HF NFC hardware. The Flipper Zero’s official documentation clearly differentiates between its 13.56 MHz NFC antenna and the separate 125 kHz low-frequency antenna.

Furthermore, detection is contingent on the reader being powered and actively polling for cards. A device that is shielded, dormant, operates intermittently, or is trigger-based may not emit a detectable field. Consequently, a clear sweep does not guarantee an area is entirely free of tampering.

Specter is distributed as a single .fap application. A prebuilt release is available for installation via qFlipper, typically placed under SD Card/apps/NFC/. Advanced users also have the option to compile the application using ufbt.

What You Should Do

  • For defensive use, launch Specter, navigate to the “Sweep” screen, hold the Flipper Zero flat against the target area, and move it slowly while monitoring the on-screen meter or listening for the accelerating click feedback.
  • Before using Specter for inspections, especially in commercial or public spaces, ensure you have explicit authorization from the equipment owner or relevant authorities.
  • Understand that a positive detection from Specter is an indicator of an active NFC field, not conclusive evidence of a malicious device. Further investigation is required to determine the nature of the detected reader.
  • Be aware of the tool’s limitations: it only detects 13.56 MHz NFC fields and cannot identify unpowered or intermittently active devices.

Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.

Tags:

Security

Share Article

Sarah simpson

Sarah simpson

Sarah is a cybersecurity journalist specializing in threat intelligence and malware analysis. With over 8 years of experience covering APT groups, zero-day exploits, and advanced persistent threats, Sarah brings deep technical expertise to breaking cybersecurity news. Previously, she worked as a security researcher at leading threat intelligence firms, where she analyzed malware samples and tracked cybercriminal operations. Sarah holds a Master's degree in Computer Science with a focus on cybersecurity and is a regular contributor to major security conferences.

Previous Post

GPT-Red Tool Finds Prompt Injection Vulnerabilities in GPT 5.6 Sol

Next Post

WhatsApp GhostPairing Flaw Lets Attackers Hijack Accounts

No Comment! Be the first one.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Popular Posts
Critical Zoom Windows Flient Flaw Lets Attackers Take Over Accounts via Network
July 16, 2026
TuxBot v3 IoT Botnet Hijacks Devices, Launches DDoS Attacks with LLM Code
July 16, 2026
Critical Windows Bug Lets Attackers Access SYSTEM Shell Without Credentials
July 16, 2026
Top Authors
Marcus Rodriguez
Marcus Rodriguez
Emy Elsamnoudy
Emy Elsamnoudy
Jennifer sherman
Jennifer sherman
Let's Connect
156k
2.25m
285k

Related Posts

Jennifer sherman
By Jennifer sherman
Threats

GlassWorm Attacks macOS via Malicious VS Code…

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
Attacks

ClickFix Attack Hides Malicious Code via Stegan Security

January 1, 2026
Sarah simpson
By Sarah simpson
Vulnerabilities

MongoBleed Detector Tool Released to Detect MongoDB Vulnerability(CVE-2025-14847)

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
Breaches

Conti Ransomware Gang Leaders & Infrastructure Exposed

January 1, 2026
Hackers News Hackers News
  • [email protected]

Quick Links

  • Contact Us
  • Privacy Policy
  • Terms of service

Categories

Attacks
Breaches
Comparisons
CyberSecurity News
Threats
Vulnerabilities

Let's keep in touch

receive fresh updates and breaking cyber news every day and week!

All Rights Reserved by HackersRadar ©2026

Follow Us