Videogame console viruses: a new cause of concern for users?

Over the last few days, PandaLabs has detected the appearance of specific malicious code for two widely used videogame consoles. The Format.A and Tahen (variants A and B) Trojans are designed to affect Sony’s PSP (PlayStation Portable) and Nintendo DS respectively.

These three Trojans are extremely dangerous as their attacks delete critical files, and can even irreversibly render the console unusable in the case of PSP. In order to spread, Format.A is designed to imitate a tool developed to enable running unsigned code on PSP consoles. The Tahen Trojans, on the other hand, simulate homebrew applications for Nintendo DS. However, when users install them they overwrite certain areas of firmware (software embedded in certain hardware) on the Nintendo DS console and the G6, XGFlash, SuperCard and GBAMP devices (which allow cartridges to be recorded with software to run on the console).

At first glance, this looks like a serious problem as it can irreversibly affect expensive devices. However, if people use the consoles according to the manufacturers’ instructions, the chances of infection are almost zero. Luis Corrons, director of PandaLabs, is doubtful that these malicious code can spread massively: “The videogame consoles are not designed for using third-party software. In order for the malicious codes detected so far to reach one of these consoles, users would have to voluntarily run applications from unauthorized sources. Remember that just as with PCs, downloading and running software from dubious sources is always a serious security risk.”

In terms of future malicious code for videogame consoles, Corrons doesn’t believe they will become a serious cause for concern. “At present, all we can say with certainty is that malicious code similar to that so far detected will continue to appear, given that the instructions for creating them are readily available on the Internet. The chances of malicious code appearing that represent a serious threat to all users of these devices depend largely on the functionalities that developers include in the new versions of these products and the corresponding security measures implemented.”

Practical tips to prevent attack from videogame console Trojans

Even though users are unlikely to suffer an attack from Format or Tahen., PandaLabs offers a series of practical tips for users of these consoles:

– Don’t insert UMD disks or memory sticks for PSP or DS cartridges that have not been recorded by an authorized developer.

– Don’t establish external communication (USB, IrDA or WiFi) with non-trusted consoles or computers that could transfer unwanted information.

– Don’t try to run applications from unauthorized developers on the video console.

– If nevertheless, you want to install a software packet on the console, it should be previously scanned on a computer with a reliable and up-to-date antivirus.

Panda Software has made updates available to users in order to detect and eliminate these Trojans in any file that could be installed on a videogame console.

About PandaLabs

Since 1990, its mission has been to analyze new threats as rapidly as possible to keep our clients save. Several teams, each specialized in a specific type of malware (viruses, worms, Trojans, spyware, phishing, spam, etc), work 24/7 to provide global coverage. To achieve this, they also have the support of TruPreventâ„? Technologies, which act as a global early-warning system made up of strategically distributed sensors to neutralize new threats and send them to PandaLabs for in-depth analysis. According to Av.Test.org, PandaLabs is currently the fastest laboratory in the industry in providing complete updates to users (more info at www.pandasoftware.com/pandalabs.asp).