The market value of console hacks

In a previous article, I claimed that modern consoles can probably only be hacked by companies, or more generally by people who can invest a relevant amount of money into R&D, then expect a significant return on investment.

Some people contacted me to ask if this is why some hackers in the PSP/Vita/PS3 scene request donations for their work. After seeing a few similar questions in my mail box, I concluded that a clarification was needed: When I said the people behind the hacks expect a return on investment, I did not mean the couple hundred bucks that a “donate” button would typically give a hobbyist hacker on the PSP scene. I meant thousands of dollars, possibly hundreds of thousands, actually.

In order to give precise replies to the people who contacted me, I looked for the answer to a simple question: what is the actual market value of a console exploit? In other words, if somebody found today an exploit for, say, the PS Vita, and contacted the right people, how much could that person sell it for? As you can guess, this is a very difficult thing to calculate. There are not so many data points, and they are all very fuzzy.

Zooming out: the Global Zero-day vulnerability market

There is more visible data outside of the console world: the price range of weaponized exploits covers a huge spectrum, but the recent pwn2own contest for example had prizes between $60’000 and $100’000 for exploits in the latest versions of major Browsers (Chrome, IE, Firefox, Safari).

As an anecdote, famous iPhone and PS3 Hacker Geohot scored $70’000 at Pwn2Own this year, for hacking Adobe Reader.

Interestingly, it seems nobody tried to actually get the prize for Safari on OSX, and some security researchers claim that such an exploit, most likely compatible with iOS, could probably sell up to $600’000 on the black market (people who complained about the “greediness” of the evasi0n team – who according to some people tried to make as much money as possible through donations and advertising as they released the latest iOs jailbreak – should put that number in perspective). That number is a bit random though, but an accepted “lowest value” for an iOS exploit on the black market seems to be around $250’000.

Looking at other sources, it is clear that zero day vulnerabilities are a profitable market. Numbers from a Forbes article claim that an exploit could sell anywhere between $5’000 and $250’000. That was a year ago, and the prices probably have increased since, in particular for an OS as popular as iOS.

(Forbes 2012)

(Forbes 2012)

Of course, there are lots of variations (Not to mention the fact that the nature of this business makes it difficult to have accurate estimates), not all exploits are the same. The amount of potential “targets” (number of users of the OS or piece of software), the rarity of exploits for a given platform, etc… need to be taken into account.

But what about gaming consoles exploits?

Zooming back in: consoles

Gaming consoles are a different story. A “buyer” for a console exploit would probably not try to hack the users’ consoles without them knowing, but instead try to monetize it by selling a downgrader, a Custom Firmware, or a modchip. It’s basically a “reversed” situation, where the users actually want the hack to happen (well, that’s similar to an iPhone jailbreak, but I am willing to bet that the people ready to pay $250’000 for an iOS exploit wouldn’t do it to work on a jailbreak)

I couldn’t find any public figures for the market of modchips, but one of the most recent examples I can think of was the PS3′s True Blue dongle.

I might share detailed numbers in another article, but I estimate that the group of people behind True Blue (and its clones) made somewhere between $500’000 and $1’000’000 of profit selling their dongles (this is pure profit after removing the resellers/affiliates margin, the dev’s share, operational costs and marketing costs. All included, I estimate the whole business around True Blue and its clones is somewhere between $2’000’000 and $5’000’000).

hack_money

The “value” in the True Blue dongle wasn’t the dongle itself. It was the underlying exploits (not made by the people behind TrueBlue) that allowed it to run unsigned games, and the way the people working on True Blue managed to acquire such unsigned games when nobody else could.

There’s lots of speculation already, but given the margins involved, I pretend that if an exploit hadn’t been available already, the people behind True Blue would have easily paid $50’000 for one (I am talking of a fully working one here, not just a proof of concept), that is, 10% of their profit.

How much would a Vita hack cost?

How about the Vita then? Well, at this point of my research, there are already too many unknowns on many levels for me to come up with any estimation that I would be confident to be quoted with. But, assuming a situation similar to that of True Blue (some people have a way to monetize a potential exploit), and keeping in mind that the Vita, so far, has sold less than 5 million units (compared to 70 million PS3 sold), I would probably revise the numbers to something a bit under $10’000.

I keep mentioning a market that is worth millions of dollars with the True blue example (and I am assuming other modchips have a similar market), so why does it get as “low” as a few thousand bucks for a full vita exploit? Well, I think what people really pay for in this black market is more the pirated content, and less the way to enable it in the first place. In other words, I don’t think a large amount of people would “buy” a CFW (or an exploit) that doesn’t come with a way to play pirated games. This is why in my estimates, the “non paid” exploit for TrueBlue represents 10% of the profit, while their secret to acquire pirated games represents 90%.

vitapirate

 

Overall, with so few users for now, the Vita is probably not a good target for these companies… but I might be wrong, and I’m sure the modchip industry is already crunching numbers to see if it is worth “investing” in the Vita…

My point however remains the same: although it might not be as lucrative as browsers/OS vulnerabilities, the market of console modchips and game piracy around a single hack/modchip easily adds up to millions of dollars, and cannot be compared to the pocket money some hobbyist hackers get when they ask for a donation.

  1. solala’s avatar

    sounds more like a cheap excuse to rather do nothing, than simple have fun at hacking and understanding a device.

    youth nowadays…

    Reply

    1. wololo’s avatar

      Can you clarify where the “cheap excuse” is? (edit: or maybe you’re talking of the previous article. Have you actually read it? I believe I made a few good points!) I’m not saying people shouldn’t try to hack, I’m just explaining how much money lies behind the shady business of modchips.

      Also not sure who you categorize in “youth”, I personally am getting further away from half the progress bar of life every day…

      Reply

      1. Slackr’s avatar

        So what is the full progress bar of life? 60? 70?
        Getting pass the half mark means you’re officially dying =( What a depressing world.

        Reply

        1. MarSprite’s avatar

          Negative. You start dying the day you are conceived. Besides which, everybody knows progress bars are a visual percentile, the half point is 50%.

          Reply

          1. solala’s avatar

            you clearly did a good work in keeping calm and answering my harsh statement with clear words.

            It was more of a test to see what kind of a person “a hacker” is.

            And you are absoulutely right about the complex aspect which hacking brings with itself.

            Yet there is always that revolutionary thought, that there is this one idea, this one theroy, that might lead in solving these “hardcore” devices without a huge amount of money. BUt that doesnt seem to be the case right now

          2. HippyHerpes’s avatar

            I’m just gonna say this Wololo isn’t a hacker just a damn sponsor nothing more. Lol

          3. wololo’s avatar

            @hippyherpes I like to believe I used to be one of the ok psp hackers. Not one of the great ones, but a hacker nonetheless. Life has decided that I dont have the time to spend on it anymore, but it doesn’t mean I dont know what I am talking about. Remind me which projects of the vita scene you worked on?

            As far as the “sponsor” part goes, I am proud to have donated for pretty much every vhbl or ecfw out so far, despite not necessarily using all of these. So yeah, I guess in a way I am a sponsor.

          4. >_>’s avatar

            LOL you got owned herpes! XDDDD

            Wololo, thanks for your contributions to the scene, in whatever form they’ve been in. :)

      2. Cheesethief’s avatar

        I think what he meant was more that hacking is heading away from being a hobby and more towards being a business all about the money.

        Perhaps it is that security is getting stronger, but when an item, such as TrueBlue uses free scene hacks with a few mods, it just seems to be a way to milk the consumer of their cash.

        Reply

      3. pleaseclap’s avatar

        psvitaturkiye com/forum/vita-half-byte-loade­r/2-05-vhbl-cikti/

        I think we have an exploit

        Please delete after reading

        Reply

  2. cesa’s avatar

    VHBL TN_V

    Reply

    1. tae’s avatar

      there is no release!! it was leaked already :P

      Reply

  3. I feel bad for you’s avatar

    Wololo, you write so many awesome articles.
    Whenever i visit this site, i read all your articles first and then any other if they seem interesting. But most of the people visiting this site are not even interested in them. They probably don’t even read them completely, and as you can see from the comments section of any post by you, >90% of the comments are nonsense or spam or trolls or ‘screw this i want the exploit’.
    I don’t even have a vita (have a psp though :D) and i still visit your blog for all your interesting articles. But i feel bad that most of the people reading this don’t even understand it.

    Reply

    1. TheFlyingDutchman’s avatar

      I beg to differ. I read every single word from all the blog post here! Although sometimes I’m not very familiar with technical terms (or some sentences as English is not my native language), I still find it very interesting to get to know more about them! =)

      Hate to admit it, I’m also looking forward to see new exploits, but the blog posts here at least keep me entertain for now. =D

      Reply

      1. You are an exception’s avatar

        Just look at the comments before and after mine.
        And so many jerks just writing random shit just because the comments section is not moderated.

        Reply

  4. CursedOblivion’s avatar

    Yet again Wololo and his buddies are stalling by making these worthless posts.

    Release the damn exploit already.

    Reply

    1. no’s avatar

      No. There will be no exploit. There will be tears.

      Let the tears flow. Begin.

      Reply

      1. >_>’s avatar

        Cursed tears of hopelessness, coming from that oblivious boy crying in a corner. XDDDD

        Reply

        1. no’s avatar

          Why the “XDDDD”? Idiot.

          Yeah, you think I’m crying? For what reason? I am the one that’s complaining about no hacks being released because the developers are “greedy”? These kids are the ones crying.

          Wololo, you should put an age restriction on this site. Some of these kids are f*cking stupid. Wow.

          Reply

          1. >_>’s avatar

            LOL I was agreeing with you, f**knuts. Seems Wololo needs to put a minimum IQ/comprehension level to use this site in place too. What a retard. XDDDDD

          2. no’s avatar

            If they put a “minimum IQ/comprehension level test” on this site, you’d never be able to access it ever again.

            Just look at how you end your posts. “XDDDDD” makes you seem extremely stupid. Anyone who reads your previous posts will know how illiterate you are.

            Weak.

          3. >_>’s avatar

            So going a little overboard with emoticons makes me illiterate? LOL! Whatever dude. I’m done trolling you, have a nice day. :D

    1. Jd8531’s avatar

      That site is fake.

      Reply

      1. Jon’s avatar

        hmmm a website that advertises modchips but doesn’t sell them

        Reply

      2. Keyblade Spirit’s avatar

        That wasn’t the joke?

        Reply

    2. timbe’s avatar

      how do u get a psvita chip.

      Reply

      1. >_>’s avatar

        You unsolder the main CPU from the board, then put a 486 chip in its place.

        Reply

  5. Dave (CodeLion)’s avatar

    Maybe the hackers are going about this the wrong way? I don’t have very much experience in the console hacking world but I was involved a while back with the Wii and I know a good bit about reverse engineering and such.
    If I was handed a mysterious, functioning piece of technology and told to figure out how it worked and how we could utilize it, the first thing I would do would be open it up and investigate the hardware. Extract each recognizable memory chip, dump them. Anything I didn’t recognize I would begin to track down and figure out who makes and and what it does.
    I would think that ought to get enough information to begin searching for usable exploits.

    I expect someone has already done this, but if not, maybe someone will get some inspiration from my thoughts.

    CodeLion

    Reply

  6. ano’s avatar

    if 5 million devices will be sold, say 4 million are used only 1 million will pirate them if anyone has done an exploit with user name and password and is required only ridiculously priced $ 1 and all would get 1 million,
    I would pay for a hack that works 30-40 dollars if a can updated whenever i whant ,
    sorry for my English, I use google translation

    Reply

  7. jlo138’s avatar

    I wonder how much Datel has made.

    Reply

  8. Frank’s avatar

    You mean more like doing a device like the Supercard was made for Nintendo DS for playing roms. Not donations. Makert for building a device for Vita that could load up iso and homebrews like they did with DS and i believe 3DS.

    Reply

  9. konamigood’s avatar

    Sounds like that Vita is not a good target just because the market is too small.

    It’s so ironic that PSP became a popular console in China after piracy appeared. It not so difficult for people in China (even in Taiwan,BTW I live in Taiwan) to afford a console. They feel, however, the game is to expensive.

    This phenomenon also apply to iOS side. They are wIlling to but a Phone about 600USD, but don’t want to pay 1USD for app.

    Reply

    1. no’s avatar

      Sony needs to expand their targeted audience. The games are too expensive? I wonder how any of you guys afford PS3 or XBOX games these days when your complaining about the Vita’s game prices…

      Reply

      1. >_>’s avatar

        Guess you don’t keep track of the economy, eh sonny boy? >_> Maybe you should just mind your own damn business. XDDDD

        Reply

        1. pirate city’s avatar

          Maybe you just want to pirate games? XDDDD

          pirate city, b*tch, pirate pirate city, b*tch
          10, 10, 10, 20 dollars? that’s silly b*tch
          100 dollars in my hand? yea fu*k this.
          i’m so cheap, Sony don’t know who they f*cking with.

          got this other sh*t, torrenting this other sh*t
          piratin’ all night, ni*ga we don’t give a sh*t
          piratebay so dope, I ain’t quittin’ it
          can’t stop me Sony, maybe take a hint?

          no bullshit, Sonys gettin’ pissed
          no money, no money, Sony is like my bitch
          Sony got the short end of the stick
          Nintendo you know what it is

          pirate city b*tch, pirate pirate city b*tch
          10, 10, 10, 20 dollars? that’s silly b*tch

          ni*ga, i’m a jew by far
          look at the torrents on the bar
          too bad Sony, PSN sucks hard
          get the f*ck out, no debit card

          I need my isos pronto
          get it in the morning like Alonzo
          i’m a pirate, i’m a fu*king desperado
          gonna torrent this b*tch like no tomorrow

          i’m at 100, 100
          torrents at 100, 100
          pirate pirate city b*tch
          i’m at 100, 100
          progress at 100, 100
          pirate pirate city b*tch

          Reply

        2. no’s avatar

          Keep track of the economy? How there is a depression?

          So people are poor, and are going out to buy PS3, 360, Wii and games for it. Then they go and buy handhelds like 3DS, VITA, etc and then complain about how there is a depression and everything is too expensive?

          B*tch, please. If you can’t afford all of that sh*t in the f!rst place, why are you buying it?

          You should mind what you say in your posts, because it makes you seem very, very dumb.

          Reply

  10. msr’s avatar

    PS3 SUPER SLIM POSSIBLE?, HOTSWAP, BACKUPS. MOD, HACK, IDEAS? SUGGESTIONS? search this on youtube.
    do you think someone could make a hack with this

    Reply

  11. Apoyo a Dark alex’s avatar

    La scene de la psp perdio un gran colaborador que era dar alex, a el no le importaba el dinero, no le importaba la fama y mucho menos era egoista, personas como el son necesarias para la scene de psvita, tanta gente egoista y miserable con la desgracia del mundo.

    Reply

  12. svenn’s avatar

    Its not all that bad; There are a gazzillion games out there that all get hacked on release day or 2 weeks later. They get spyware and other nasty bugs with them, but people still download and install them. If a large amount of vita players would browse (/get a decent browser) then I’m not sure vita would remain a niche it is today.

    Its a nice article however, justifies a donation button. Though i’m more a fan of pay-what you want principle. Cause i’m a cheap bastard … while I buy every humble bundle for 10$. If its free I don’t attach a value to it, if you have to give something you start value the amount of work and the true value of code/programs.

    Reply

  13. decius’s avatar

    He’s saying he wants a donate button beside the download link to his ported 2.05 vhbl… right? for those of us stuck on 2.05 for ever ;) since the release of update 2.06….

    Reply

  14. TheTokBokz’s avatar

    new system update for vita but no warnings for release!?

    Reply

    1. pirate city’s avatar

      pirate city, b*tch, pirate pirate city, b*tch
      10, 10, 10, 20 dollars? that’s silly b*tch
      100 dollars in my hand? yea fu*k this.
      i’m so cheap, Sony don’t know who they f*cking with.

      Reply

  15. Spite’s avatar

    @Wololo

    What do you think the vita homebrew scene can do for Vita sales?

    Given that the Vita is now selling better in Japan and with the PS4 coming out, They look to make profits well into the billions.
    Taking into account that most exploits are CEFW.

    And if you may address something that has been on my mind;

    How can the scene support itself without a true sense of purpose?

    Reply

  16. Nickolas’s avatar

    Apparently, the “evad3rs” team was paid 1 million dollars to include TaiG, a Chinese APT front-end in their jailbreak…

    Reply

Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>