Forgot your password?
typodupeerror
Sony Portables (Games)

First PSP Trojan Reported 76

Posted by Zonk
from the watch-what-you-click dept.
Evangelion writes "PSP hackers beware! According to 1up.com today, Symantec has identified the first PSP Trojan in the wild. Known as Trojan.PSPBrick, it turns the PSP into, well, a brick. With buttons. Users have to download and install it themselves, and as a result it effectively breaks the PSP."
This discussion has been archived. No new comments can be posted.

First PSP Trojan Reported

Comments Filter:
  • by PapaBoojum (232247) on Thursday October 06, 2005 @03:05PM (#13733139)
    ...I would recommend users NOT download it.
    • Re:Well then... (Score:4, Insightful)

      by RootsLINUX (854452) <rootslinux@3.14gmail.com minus pi> on Thursday October 06, 2005 @03:28PM (#13733339) Homepage
      Wait, so I actually read TFA and I didn't see any details here. If the hack takes out user buttons, what's to stop it from taking out all other I/O? How do you remove a virus when you have no way to actually get your machine to interact with anything in the real world? The symantec report says removal is "difficult". What if someone accidentally downloads this virus, then isn't able to use their PSP anymore because they can't wipe the memory clean? Who is responsible then? Does Sony have to give them a brand new PSP? Do they have to physically open the device and set a jumper to clear the memory? I want to know the implications of the virus, not just "there's a virus, and it's bad".
      • Read TOFA:
        "Trojan.PSPBrick is a Trojan horse that deletes critical system files on a Playstation Portable device, preventing the device from restarting correctly."

        That probably means that it's impossible to recover without debugging hardware.

        -paul
      • Re:Well then... (Score:5, Insightful)

        by Joe Random (777564) on Thursday October 06, 2005 @05:36PM (#13734487)
        If the hack takes out user buttons,
        It doesn't just take out the buttons; it flashes the firmware with junk, preventing the PSP from even booting.
        What if someone accidentally downloads this virus, then isn't able to use their PSP anymore because they can't wipe the memory clean? Who is responsible then?
        The user is, of course. The trojan is disguised as a firmware downgrader, and there's no way in hell that Sony is going to reimburse a person who was trying to "hack" their PSP. I'm pretty sure that there's something in the PSP boilerplate that covers that, but I'm too lazy to look.
        Do they have to physically open the device and set a jumper to clear the memory?
        There is no jumper. The memory has to be rewritten by an EEPROM programmer, which I doubt that any normal user is going to have access to. Sony won't send you a new PSP, and I don't doubt that, if anyone out there were able to reflash the PSP's firmware, Sony would be suing them under the DMCA or something.

        In other words, this trojan turns your PSP into a $250 paperweight/brick, hence the name.
      • What if someone accidentally downloads this virus, then isn't able to use their PSP anymore because they can't wipe the memory clean?

        All this will show is that (as usual) people have more money than sense. Don't fuck around with expensive gadgets unless you:

        a) know what you are doing or
        b) can afford to rectify/replace mistakes.
  • by Zangief (461457) on Thursday October 06, 2005 @03:08PM (#13733163) Homepage Journal
    As to install a virus manually!

    Hey, Microsoft just sent me a security update! Nifty!
  • That the Symantec page continues to instruct how to recover Windows XP? How useful... with that key info, I'll have my PS2 back up and running in no time!
  • They make it sound like you download something they advertise as a trojan. I RTFA, and its made out to be a program to let you run your own games.
  • why would someone want to do such a thing
    • The tin foil hat community has theorised that Sony themselves wrote this virus as a way of scaring PSP owners into updating to the latest 2.01 firmware. The latest version prevents you from downgrading to firmware 1.5 and running emulators and other homebrew games. Because the latest firmware doesn't have a web browser or any other "must have" feature, they need something to spur people into updating...
      • But in REALITY, we know that there are white-hat, and black-hat hackers.

        Once the community finds the vunerability, it is free game for the white-hats (firmware downgrader) and black-hats (firmware toaster). You should feel lucky that a remote exploit hasn't been found (yet).

        Sony has provided a fix for the vunerability, because they have TWO significant financial interests. Most of you think there's only one (locking down the system to enforce licensing fees from developers), but there is another very seri
    • Probably for the same reasons someone would write a virus for Windows?
  • "Users have to download and install it themselves"

    Don't download and install it. It's not like they can creatively name an email attachment, and if it is turning PSP's into bricks, then you are not going to get it from another PSP.

    Aside form all of that, it is interesting that there is already a virus out there at all for this handheld device. Although 'brick'ing a psp is just completely malicious, and has no effective purpose.

    I give this virus a 2 out of 5 on the creative scale. (+1 for being the first)
    • by snuf23 (182335) on Thursday October 06, 2005 @03:51PM (#13733494)
      It's not a virus. It is a Trojan horse [webopedia.com]. A program which claims to be something beneficial but in reality just messes your computer up.

      "Don't download and install it."

      I'm sure if it's listed as "PSP Trojan Horse - turn your PSP into a useless brick" - nobody would download it.
      • As I mentioned in another post above, a Trojan Horse is a program that masquerades as something it isn't, in order to deliver malicious (read: virus) code, which then causes havoc.
        • Virus is usually to describe something that spreads (is contagous) and can be a benign (excpet the spreading part) proof of concept for example.

          Trojan Horse must be malicious or detrimental, and does not spread at all.

          Malicious is not read Virus, Malicious is Malicious, and Virus is Spreading.
        • "in order to deliver malicious (read: virus) code"

          malicious
          adj.

          Having the nature of or resulting from malice; deliberately harmful; spiteful: malicious gossip.

          A Trojan horse just has to be harmful and deceptive, not deliver a virus. A batch file with rm -rf in it named "coolfungame" could be considered a Trojan horse.
          Now if a virus infects a program file and executing the program causes the viral code to be executed, some people consider the infected file to have become a Trojan horse.
    • Well this is really amusing! anyway I don't think anyone would download that file, or any other file, without knowing it comes from a safe source... with all trojan/virus/spywares around nowadays...!
  • Sweet! (Score:2, Funny)

    by theantipop (803016)
    I've been waiting for the upgraded version of my pet rock [wikipedia.org]. "Pet Brick, now with buttons!".
  • by Iriel (810009) on Thursday October 06, 2005 @03:20PM (#13733272) Homepage
    Yeah, I heard about this. It was made by SONY and the file is called something like |\/|@d_1337_3|\/|ul873rz!.exe
  • New Market (Score:2, Insightful)

    by jelloshotgun (891531)
    Does this mean that Symantec is going to begin marketing antivirus software for the PSP?
    • Does this mean that Symantec is going to begin marketing antivirus software for the PSP?
      No way. Considering current Norton Antivirus deployments (PC), a PS1 would easily outperform Symantec-infected PSPs.
  • PSafeP (Score:2, Interesting)

    There is a program called PSafeP [qj.net] for Windows that claims to check EBOOT files for suspicious code. I have yet to verify its validity (my PSP is still collecting dust). Has anyone here checked it out?

    (Sorry for linking to PSPUpdates, but it's the only place I've seen this.)
  • It sounds like an Out and out classic virus .
    Reminds Me of the Good old days when Viruses did real damage and were not company tools .
  • I think this article makes a very important point, if only indirectly. There are two common ways of looking at the "virus situation" on non-Windows platforms, both of which are wrong.

    One line of thought, perpetrated mostly by the Anti-Virus companies, is: "Of course there are viruses for [insert name of system they now have a product for]!" They love to scare people into thinking viruses are everywhere, and can get onto your system no matter how careful you are. Buy our product!

    The other line of th
    • Not sure what that program's supposed to do that's so bad. I got this when I ran it:

      $ ./SpottedKuhTrojanExample
      Now type your password to install free screensavers!
      Password:
      rm: -rf: No such file or directory
      rm: /: is a directory
      $

      Is that what it's supposed to do?

      On the downside, I didn't get any new free screensavers :-(

  • They COULD have manufactured the firmware updater in the ROM, not flash/RAM/wherever. But no!

    If there were a virus like this for the DS, it could totally spread like a virus. Imagine:
    "Oh, COOL! I thought [game] wasn't out yet! I'll download it right away!"

    Now imagine coupling this with some sort of wireless buffer-overflow exploit (that does not exist, as of yet). The horror!
  • by Vampo (771827)
    From the Symantec page, simple instructions to remove the virus:

    The following instructions pertain to all current and recent Symantec antivirus products, including the Symantec AntiVirus and Norton AntiVirus product lines.

    1. Disable System Restore (Windows Me/XP).
    2. Update the virus definitions.
    3. Run a full system scan and delete all the files detected.

    thanks Symantec, nothing like a clean WinXP on my PSP again :)
  • <announcer voice>
    Trojan.PSPBrick... Brought to you by Nintendogs!
    </announcer voice>
  • I WONDERED how my dead pixels got cured...
  • Sony strikes back (Score:3, Interesting)

    by hal2814 (725639) on Thursday October 06, 2005 @04:29PM (#13733815)
    Wonder who wrote this trojan? Could it be a certain company that doesn't want you loading unauthorized software?
    • I would love to believe that, because I really hate Sony, but I don't think that's what's going on.

      There have been hackers amongst the psp community who have joked about it, and made the information public titled exactly "How to brick your psp". There has been bad blood between a few groups, some of which I wouldn't put it past.

      I love my psp, very sweet machine, but Sony still steams me.
    • Wonder who wrote this trojan? Could it be a certain company that doesn't want you loading unauthorized software? Careful do not want to give then too much credit.
    • While I love conspiracies as much as the next guy, I don't think would really be to Sony's benefit. Don't they take a loss on all hardware sold, that they expect to recoup through software sales? If you brick your PSP, you're likely to just go out and buy another one. And a lot of types that do this kind of hacking aren't buying a lot of software anyway, so it would just cost Sony money.
  • by Teppy (105859) *
    Though this trojan may be primitive, the fact that it permanently destroys* the PSP shows that PSPs are one buffer overflow away from an effective hardware destroying virus.

    Imagine a place with a high concentration of WiFi-running PSPs, such as E3, GDC, etc. A virus makes a connection to another PSP, infects it remotely using said buffer overflow, does that a few times, and then 24 hours later kills it's host.

    * Best I could tell, there's no way to remove it from the PSP. The "removal instructions" on Symant
  • With more and more devices being connected via the Internet. There will be a sufficent increase in worms and viruses that plague handhelds and other non-PC's. Think about how many other devices are connected to the Internet now. Cell-Phones, PSP's, XBOX's, PS2's, XBOX 360's, PS3's, Revolution's, etc. When these all are connected to the internet, users demand more functionality. With that, they get the darker side of the Internet. This PSP trojan is just the tip of the iceberg.
    Lol, ironically, there is a P
    • "This PSP trojan is just the tip of the iceberg. "

      ummm... does anyone realize this is a GOOD thing?

      Ok a trojan isnt a good thing, but the fact that PSPs have become soooo popular that there's people out there actually writing viruses for it?

      I mean think about it, only the most popular consumer products have viruses. Windows? Tons. Mac? Basically none. Does that mean you can't have a Mac virus? Of course not, just means so few people have Macs that no one's out there bothering to make viruses for

  • i wonder who benefits the most from dead psp's...

    it's not like the RIAA/MPAA hire goons to poison p2p networks...

    oh wait...
  • Ahem (Score:2, Funny)

    by Areeves (598018)
    Torrent? .....anyone? oh wait...
  • This is the disassembled code generated by Skylark from TOC2RTA.COM [toc2rta.com]

    As you can see, 4 files are deleted from the flash memory, then a few lines of text are displayed. Without these files, the PSP cannot boot, so it's bricked.

    _start:
    call main()
    while(1)

    sceIoAssign:
    syscall 0x20a8

    sceIoRemove:
    syscall 0x209e

    main:
    call FillVram(0)
    call Print(1,1,
  • Accoding to impress [impress.co.jp] (sorry, in Japanese), SCEI has no intention to provide support for users whose PSP are broken due to this trojan horse, saying this happens only when they are using their PSP in an (unsupported|illegitimate|unauthorative) way.
  • Noone bothered to write me up a nice article when I introduced my Trojan.PSPThrowItAgainstTheWall hack :/ It made any PSP basically useless too.

  • When and if a exploite is found in the PSP browser that lets you run code it will only be a matter of time for this to be used.

    The only good thing about that is then sony would have to fix bricked PSP's.

    I also herd something a while back that Team Xcuter was making a way to reflash PSP's
  • Anybody have a .torrent?

You are in a maze of little twisting passages, all different.

Working...