Opinion

Development kits for gaming consoles

Malicious programs for computers have been around for more than 20 years. It was the birth of the Internet which really enabled these digital pests to make a breakthrough.

Until now, gaming consoles have been more or less immune to malware. Yes, there’re been Trojans for the Nintendo DS console (Trojan.Nintendo.Taihen.a and .b) and for the Sony Portable Playstation (Trojan.PSP.Brick.a) but the number of victims has been small. This is because the user has to tweak the console in order for so-called homebrew software (i.e. software not certified by the console manufacturer) to run.

There’s a Linux distribution available for the Sony Playstation 2 (which will also be available for Playstation 3) which just cries out for programming. However, any programs created will only run on Playstations which have the distribution installed.

Microsoft recently announced that in future, users will be able to purchase a development kit with a $99 a year registration fee – no Linux here. Programs developed using the kit will only run on Xboxes where the user has also paid the registration fee, and they can only be copied to another console as source code. From a security point of view, this is a wise decision.

I hope that things won’t change much in the near future. If Sony, Microsoft , Nintendo or hackers made it possible to easily download programs developed by users via the Internet, Pandora’s box would be opened. The combination of unprotected gaming consoles, the Internet and the possibility of previously unknown vulnerabilities would lead to gamers who had been immune to malware becoming a target for virus writers.

Development kits for gaming consoles

Your email address will not be published. Required fields are marked *

 

Reports

The leap of a Cycldek-related threat actor

The investigation described in this article started with one such file which caught our attention due to the various improvements it brought to this well-known infection vector.

Lazarus targets defense industry with ThreatNeedle

In mid-2020, we realized that Lazarus was launching attacks on the defense industry using the ThreatNeedle cluster, an advanced malware cluster of Manuscrypt (a.k.a. NukeSped). While investigating this activity, we were able to observe the complete life cycle of an attack, uncovering more technical details and links to the group’s other campaigns.

Sunburst backdoor – code overlaps with Kazuar

While looking at the Sunburst backdoor, we discovered several features that overlap with a previously identified backdoor known as Kazuar. Our observations shows that Kazuar was used together with Turla tools during multiple breaches in past years.

Subscribe to our weekly e-mails

The hottest research right in your inbox