Do you remember when Nintendo finally issued an update for Mario Kart 7 after an absence of ten years? It has come to our attention that this was done in order to patch a major vulnerability that “may let an attacker to obtain full console control.”

Despite the fact that the problem was apparently discovered for the first time in 2021, PabloMK7, Rambo6Glaz, and Fishguy6564 have been attributed with the discovery of “ENLBufferPwn.” This vulnerability is considered to be so severe that the CVSS 3.1 calculator assigned it a critical score of 9.8/10.

An online publication included a proof-of-concept (PoC) attack as well as technical details relating to a remote code execution vulnerability that affected many Nintendo titles and was fixed by Nintendo between the years 2021 and 2022.

The security flaw, which has been given the identifier CVE-2022-47949, might make it possible for an attacker to remotely execute code on the victim’s console if they just played an online game with the victim. The CVSS 3.1 calculator assigned the vulnerability a score of 9.8 out of 10, which is the Critical rating.

A significant number of first-party Nintendo games make use of the network library known as enl (or Net in Mario Kart 7), which contains the C++ class NetworkBuffer. Incorrect bounds checking performed by the NetworkBuffer class is the root cause of the vulnerability. A remote attacker may overrun a buffer and execute arbitrary code on the system if they sent a UDP packet that they had specifically prepared for that purpose. The researchers referred to the flaw as “ENLBufferPwn” in their research.

The CVE-2022-47949 flaw has been validated and shown to function properly in the following games, according to testing and confirmation.

• Mario Kart 7 (fixed in v1.2)
• Mario Kart 8
• Mario Kart 8 Deluxe (fixed in v2.1.0)
• Animal Crossing: New Horizons (fixed in v2.0.6)
• ARMS (fixed in v5.4.1)
• Splatoon
• Splatoon 2 (fixed in v5.5.1)
• Splatoon 3 (fixed in late 2022, exact version unknown)
• Super Mario Maker 2 (fixed in v3.0.2)
• Nintendo Switch Sports (fixed in late 2022, exact version unknown)

The ENLBufferPwn vulnerability allows an attacker to take advantage of a buffer overflow in the C++ class NetworkBuffer that is included in the enl (Net in Mario Kart 7) network library. This library is utilized by a large number of first-party Nintendo titles. These two methods, Add and Set, are included in this class, and they are responsible for populating a network buffer with data arriving from other players. None of these approaches, however, verify that the data being entered can really be accommodated inside the network buffer. Because the data that is entered may be controlled by the attacker, it is possible for them to cause a buffer overflow on a remote console by simply engaging in an online gaming session with the victim. If everything is done correctly, the person who was exploited could not even realize that a vulnerability was exploited in their console. The results of this buffer overflow are unique to each game, ranging from relatively harmless modifications to the game’s memory (such as repeatedly opening and closing the home menu on the 3DS) to more severe actions, such as taking full control of the console, as will be demonstrated in the following paragraphs.

The vulnerability was been addressed in Splatoon 3, Mario Kart 8, Mario Kart 8 Deluxe, Animal Crossing: New Horizons, ARMS, Splatoon 2, and Super Mario Maker 2, in addition to Mario Kart 8 and Mario Kart 8. One of the persons who found the vulnerability said that “coupled with other OS vulnerabilities, the vulnerability might enable an attacker to accomplish complete console control.”

The post Hacking Nintendo Switch, 3DS, and Wii console. Vulnerability allows hacking remote console by simply engaging in an online gaming session with the victim appeared first on Information Security Newspaper | Hacking News.

At the beginning of the investigation, Bowser faced 11 serious charges, although he has only pleaded guilty to conspiracy to evade security mechanisms in technological devices and traffic in evasion devices. Team Xecutor developed pirated software and emulators for Switch, Nintendo 3DS, Xbox, PlayStation and NES Classic.

The defendant admitted to working with this group between 2013 and 2020, during which time he managed illegal websites and sold software to hack consoles and devices. In the lawsuit against Team Xecutor, Nintendo claims to have lost more than $65 million USD due to this group.

Nintendo thanked the law enforcement agencies involved in the investigation, which include the Federal Bureau of Investigation (FBI) and the Department of Homeland Security (NHS).

The video game company has always tried to take strict action against the illegal use of its products. Previously, Nintendo won a lawsuit against the RomUniverse platform, forcing the website’s administrators to pay $2.1 million USD compensation, plus they had to destroy all the illegal ROMs developed.

More recently, Nintendo began sending out copyright warnings against the GilvaSunner YouTube channel for its Nintendo soundtrack videos, which will likely lead to the channel’s definitive shutdown. 

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.

The post Hacker sentenced to 3 years in prison for developing pirated software for Nintendo Switch appeared first on Information Security Newspaper | Hacking News.

The Nintendo Switch handheld console has become very popular, emulating sales of consoles like the PlayStation 4. However, there is a problem with this device: video game crackers have deciphered possible methods of hacking the console, affecting Nintendo’s profits, mentioning information security awareness experts.

Team-Xecuter hackers, jailbroken in the first generation of Switch in 2018, have just announced the development of SX Core and SX Lite, tools to crack all versions of Switch.

According to information security awareness researchers, a cracked switch can be used by downloading network resources and does not require players to purchase authentic games, either in their physical or digital version. After Nintendo announced the correction of exploited vulnerabilities, Team-Xecuter hackers followed their investigation into the console code, putting various cracking tools up for sale through its website.

What has Nintendo done about it? There is currently a legal procedure to prevent Team-Xecuter from further selling these cracking tools. However, given the nature of cracking developed by this group, Nintendo cannot do much to stop users using pirated software, so only new versions of the console remain to be released: “Team-Xecuter illegally designs and manufactures an unauthorized operating system, in addition to the hacking tools that complement it,” Nintendo’s demand mentions.

The company has also managed to shut down some hacking websites, although video game crackers do not stop. In the event that things don’t change, information security awareness specialists anticipate that Nintendo will start reporting ever-increasing economic losses, so it will be difficult to develop quality video games without the fear of loss.  

The post Every Nintendo Switch model could be jailbroken with this tutorial. Nintendo suing the hackers appeared first on Information Security Newspaper | Hacking News.

Recently, hundreds of Nintendo console users reported various signs of suspicious activity on their accounts through social media. According to network perimeter security experts, these alleged attackers entered users’ accounts to use their payment cards and purchase products from Nintendo’s digital store.

Just a few hours ago Nintendo acknowledged the incident, mentioning that these threat actors attacked the Nintendo Network ID (NNID) login system in early April, compromising users’ accounts. This system is mainly used by console owners such as Nintendo 3DS and Wii U, which are no longer supported. It should be noted that this is a different system from that used by Nintendo Switch users, which requires a Nintendo account.

According to network perimeter security experts, an NNID account can be linked to a Nintendo account and used as a login option. In the event that a threat actor accesses a linked NNID, it could easily access the corresponding Nintendo account. Once inside the account, hackers would have access to the victim’s payment cards and even their accounts on payment systems like PayPal.

The company did not provide technical details about the intrusion, although it added that the hackers obtained NNID accounts illegally through a third party. In response, Nintendo disabled the feature to access Nintendo accounts using NNIDs, in addition to having reset the passwords of the compromised accounts, the network perimeter security experts mention. 

User reports also mention that threat actors might also have modified some data in users’ profiles, such as “nicknames”, dates of birth, place of origin, and email address associated with NNID. Not everything is bad news, as Nintendo claims that users’ credit card data was not compromised during the incident, so hackers only used it inside the virtual store.

This incident demonstrates that the gaming community is a frequent target of threat actors, experts from the International Institute of Cyber Security (IICS) mention. Recently the code of two popular video games was leaked, which caused various problems for developers and users. As if that wasn’t enough, experts warn about a new variant of ransomware that could affect thousands of Fortnite players.

The post Nintendo hacked. Details of 160,000 accounts leaked. Hackers can spy through Nintendo Switch appeared first on Information Security Newspaper | Hacking News.

Through social media, multiple gamers have denounced the hacking of their accounts, attracting the attention of video game enthusiasts and the cybersecurity community.

One of the most recent victims is Twitter user Pixelpar, who is also the editor of a video game blog: “I suspect Nintendo has suffered a considerable attack,” he posted. The editor decided to start his own investigation, formulating a questionnaire that would be answered by those who had experienced a similar incident.

According to logical security experts, to verify if an account has been compromised, Nintendo Switch users can verify a recent login history in the “Login and Security Settings” tab. If an unknown location appears in the list, the account may have been attacked.

In this case, affected users must perform an account recovery process. This process is explained in detail on the company’s official platforms.

Millions of people will remain isolated in their homes over the next few months, so these kinds of attacks could continue. Faced with this possibility, logical security experts and Nintendo recommend that users enable two-step verification.

The following is the process to enable this security layer, step by step:    

• Log in to https://accounts.nintendo.com
• Select “Login & Security Settings”, scroll down, and click “two-step verification”
• Click “Enable two-step verification”
• Select “Send” at the end. This will send an email with a verification code. Go back to the page with the code, enter the code, and then click “send” again
• Install Google Authenticator on your smartphone
• Scan the QR code of your Nintendo account on Google Authenticator
• This will cause a verification code to appear on your smartphone. You must then enter this code on the Nintendo Account screen and press “send”
• The backup codes will then appear. This information must be copied to a sheet of paper or a secure location in order to use them if you cannot sign in through Google Authenticator
• Verify that you have entered the backup codes by pressing “saved backup codes” and then click “OK”

For further reports on vulnerabilities, exploits, malware variants and computer security risks you can access the website of the International Institute of Cyber Security (IICS), as well as the official platforms of technology companies.

The post Nintendo accounts & Switch consoles are getting hacked. 9 Steps to secure your console appeared first on Information Security Newspaper | Hacking News.

Now, about three months after its release, the Nintendo Switch Lite console has been hacked. It should be remembered that the original Nintendo Switch was hacked less than two months after its release.

A couple of days ago, the renowned video game hacking organization Team-Xecuter released a video showing a Nintendo Switch Lite console running their SX OS 3.0 operating system. Although the video does not show further technical details, it is obvious that the hack allows users to install “homebrew” applications (in practice it is another way of saying piracy) on Nintendo’s console.

Ethical hacking specialists are still unclear on how this hack works, so there’s nothing left but wait for Team-Xecuter to reveal the procedure used, which they are supposed to do during the first days of 2020. It is expected that, as they have done on previous occasions, interested parties will have to pay Team-Xecuter to access the technical details of the hack.

To be more specific, it is necessary to mention that the concept “homebrew” is attributed to an open source software package management system that makes it easier for developers to create their own software. Usually this is a resource used for the creation of media players or web browsers without malicious purposes, although in the case of the video game industry, the homebrew applies for unofficial and unlicensed software, created by amateur developers on hacked operating systems.

After a console is hacked it is possible to execute code obtained by illicit means; simply put, a console able to run homebrew is the first step in being able to install cracked video games, which represents big losses for developers.

One of the main problems to be solved in the development of a console is the prompt detection of its weakest points, as hackers will try to exploit these flaws in order to execute pirate code, mention the experts in ethical hacking. This protection work does not end in the development stage, as companies constantly release security updates to correct existing failures and prevent the appearance of new weaknesses.

At this point Nintendo must be working on a way to fix the vulnerability exploited by hackers to install the SX OS 3.0 system, so the flaw could be fixed before Team-Xecuter getting revenues of this security error. In the video game industry this has become a kind of race in which developers try to anticipate hackers’ next movement to prevent the emergence of new exploits beneficial for piracy.

On multiple occasions the ethical hacking experts of the International Institute of Cyber Security (IICS) have reported the activities of this hacker group, detected more than ten years ago, and that have been linked to the hacking of consoles such as the original Xbox, Nintendo Switch and other systems.

The post Nintendo Switch Lite Console hacked and cracked appeared first on Information Security Newspaper | Hacking News.

The authorities, just like the video game developer, hope that this measure will help limit the ability of hackers to distribute pirated versions of such software, as well as assist in the fight against malware distribution through these illegal sites.

“The company is trying to push a new ‘Zero Tolerance’ policy on piracy, taking the case to the court and forcing Internet service providers to help Nintendo,” ethical hacking specialists say. The Nintendo Switch console has become one of the hackers’ favorite targets; whether to download games illegally or to inject malware into the devices of unsuspecting gamers, multiple threat actors have tried to find various ways to breach the security of the portable console.

The High Court ruling, for now only applicable to the top five Internet service providers in the UK, forces companies to take a proactive stance in combating piracy, blocking access to major pirated video game distribution websites.

Although authorities and entertainment software developers are aware that this measure will not solve the problem, it could impact hackers’ piracy distribution capability. The High Court has already resolved the ruling, now it remains for companies (Virgin Media, Talk Talk, EE, Sky Broadband and BT) to implement the necessary actions to comply with the court order.

Ethical hacking specialists mention that this is a clear example of how a major company can influence a country’s legislative agenda to implement measures against malicious users that put their users at risk and, of course, their incomes.

This is not the first time British lawmakers have tried to use Internet service providers in the fight against piracy. In 2017, a bill was passed that conditioned companies to alert via email users of these sites about the potential risks of downloading pirated content. However, this only caused users to turn to websites that were not blacklisted by the British authorities, something that many fear may also happen on this occasion.

Specialists in ethical hacking at the International Institute of Cyber Security (IICS) claim that, due to its popularity, hackers are constantly working to find vulnerabilities in Nintendo Switch. A clear example is the release of the latest version of the console firmware, which was hacked the same day it was released. The hackers managed to compromise Switch firmware version 7.0.0 just four hours after Nintendo made it available.

The post Downloading pirate games for Nintendo Switch will be impossible very soon appeared first on Information Security Newspaper | Hacking News.

Nintendo claimed to have added advanced security codes in this new version of the switch firmware

The latest version of the Nintendo Switch firmware was hacked the same day it was launched, reported network security and ethical hacking specialists from the International Institute of Cyber Security. Users managed to hack the anticipated 7.0.0 firmware version, implemented to improve the stability of the console, just 4 hours after its launching.

Nintendo claimed that this version of the Switch firmware included advanced security codes as a preventative measure against any hacking activity, although due to this incident, network security specialists consider the developers underestimated the capabilities of console users and videogame hackers.

Thanks to this Nintendo has become the target of the mocking of thousands users on various platforms of social networks, mainly in Reddit, because even the most enthusiastic have surprised the ease and efficiency with which the hackers achieved to bypass the “advanced” Switch firmware security measures.

The hacker in charge of compromising the firmware, known as ‘Elmirorac’, was supported by another hacker with the alias of ‘SciresM’, which is the same expert who discovered how to fully compromise a Switch console, also mentioning that this bug only could be solved with a hardware update.

Network security experts believe that Nintendo should reconsider the exclusive use of Nvidia Tegra processors in its consoles, installing a new set of chips before these drawbacks are incorrigible and the use of piracy completely seizes the market of the Switch consoles.

The bug, known as Tegra Bootrom, is a widely documented security problem. Experts consider that even Google should pay attention to the problems generated by the use of these chips, as these hardware pieces are also used in multiple Android devices.

The post New Nintendo switch firmware was hacked the same day it was released appeared first on Information Security Newspaper | Hacking News.

This exploit uses a vulnerability inherent in the USB recovery mode of the Tegra X1, bypassing blocking operations that would protect the ROM boot of the chip. By sending an incorrect “long” argument to an incorrectly coded USB control procedure at the correct point, the user can force the system to request up to 65,535 bytes per request. That information overflows a crucial memory direct access buffer (DMA) in the bootROM, allowing data to be copied into the stack of protected applications and giving the attacker the ability to execute arbitrary code.

It seems that the hardest part of the exploit is that it may be forcing the system to a USB recovery mode, information security professionals said. To do this without opening the system, it is necessary to short-circuit a certain pin in the correct Joy-Con connector. The Fail0verflow hacking team tweeted an image of a small plug-in device that can apparently provide this short circuit easily.

What makes this exploit worrying for Nintendo is that it seems that it cannot be solved by a simple downloadable patch; the defective bootROM in question cannot be modified once the Tegra chip leaves the factory. That’s a security measure if the bootROM itself is secure, but it becomes a big problem if the bootROM is exploited, as is the case here, information security researchers said.

As Temkin writes, “Unfortunately, access to the fuses to configure the device’s ipatches was blocked when the ODM_PRODUCTION fuse was blown, so the bootROM update is not possible. It is suggested that consumers are aware of the situation so they can switch to other devices. ”

That suggestion is not very useful for Nintendo, which has already sent more than 14.8 million vulnerable Switch systems to the public. Previous software-level vulnerabilities in Nintendo systems could be mitigated through upgrades of downloadable systems, Nintendo attempts to force users by making them a requirement for new software and access to online servers.

Now, the use of this exploit by the public is limited to a program and load of Python “proof of concept” that can be used to show protected information of the ROM boot instructions of the switch, said information security analysts. The most complete details of how to use the exploit will be published on June 15, writes Temkin, adding on Twitter that “the guides and information so you can use it are also nearby.” And the work continues on a custom Switch boot manager called Atmosphère that apparently will exploit the exploit to run.

The professional also says that she previously notified Nvidia and Nintendo about the existence of this exploit, providing what she calls an “adequate window to communicate with her clients and to achieve the highest possible correction for an unsupported bootROM error”.

The information security expert, Temkin, also writes that he is publicizing the exploit due to “the possibility that the parties that independently discover these vulnerabilities will do very badly”. It is believed that other groups were threatening to publish a similar exploit before the planned release of the Team ReSwitched summer, forcing early disclosure.

The launch is also partly a response to Team Xecuter, a team that plans to sell a modchip exploit that can allow similar code execution on the switch. Temkin opposes Xecuter’s explicit endorsement of piracy and efforts to take advantage of keeping information to some people.

The post Nintendo Switch could be hacked with exploit that can’t be fixed appeared first on Information Security Newspaper | Hacking News.