PS Vita hacks: beware of fake and dangerous releases
Yesterday, a “fake” PS Vita release surfaced on the intertubes. The file, pretending to be a pirated PS Vita title, was actually a basic virus that formats your memory card. It’s unclear if the file, which started as an obvious prank or a “proof of concept”, was released with a malicious intent.
I will avoid a speech about karma here, and how pirate wannabes who can’t understand that a 800kB file simply can’t be a PS Vita AAA titles deserve what’s coming to them.
Instead, I want to use the opportunity to remind everyone that HENkaku gives you lots of access to your PS Vita, and as such it brings risk for you to mess things up.
For example, it’s not a secret at this point that your PSN Credentials are stored in clear text on the device, and easily accessible by homebrews. Someone with a malicious intent could release a homebrew that collects PSN usernames and password. Similarly, homebrews can easily format your memory card or do other stuff to your console.
© User:Colin / Wikimedia Commons /
I’m not telling anyone to become completely paranoid here, but if you are not sure what you’re doing, then don’t do it, and wait for other people on trusted sources to confirm a given release is legit.
Last but not least, understand that when you’re hacking your console, no matter what you do, you’re taking some level of risk and responsibility. If you want to play it safe, uninstall Henkaku and upgrade your PS Vita to the latest firmware.
theoretically some one could make a virus thats format os0….
lol i remember when a similar thing was floating around the psp scene years ago. iirc it was aimed at a specific person but exploded everywhere and everyone’s psp was getting bricked xP
It’s a shame how SilicaAndPina seems to be very talented but is very unhinged. I don’t trust him very well especially after he released that “game”.
He isn’t talented though, his PKG Installer 2 was all stolen code and that Virus he released was a very simple thing to do, the guy is a troll and nothing more.
No class. Talent my *** lol.
the initial release was actually called “Evil Gamecart v2” (that was literally the filename) a 775KB file which he warned ppl that it’ll format their card and showed it doing so on youtube on his channel.
it was some other guy who renamed the file then posted it on reddit to troll people.
Listen dummy, he did not initially warn anyone.
Seriously i am fed up with you special cases defending this piece of ***, if you don’t want anything bad to happen, you do not upload a damn file, he KNEW 100% that this *** would happen, on top of that the little clown steals other peoples code and passes it off as his.
Finally, know who the f**k you are speaking to before you convince them of anything…
well said wololo.. cheers
right, at this point i’d rather go compiling source from github
Furr
also i hate the guy, instead of apologizing he said something along the line of “that’s not my problem”
First
Congratulations you did it, you commented second to last!
maybe he means he was the first on this article to post the word “first”
I believe that if you are wise enough to be visiting wololo, then you are wise enough to not fall for scams. Thank You!
Im on 3.36 with TNV , should i update or not?
no
Don’t. I had 3.36 on tnv and now I cant play any psp. Wait for psp on Henkaku to be safe.
yep i’m waiting too.
i would like to know at least if it can format memory cards with issues (error messages) or low level format since the vita settings can’t format some card of mine dont know why. Or at least make a homebrew for a low level vita memory card format
if u want just call uri: “settings_dlg:reset::format_mc_for_promote”
with uri caller. it formats ur memory card without throwing any warnings.
same thing used in my PoC
Do not trust @silicaandpina! He released that malicious .vpk
I think that he is just an 15 year old looking for some lulz.
Yes, he is.
The full story was, silica originally shared it on twitter a 775 KB file he called “Evil Gamecart v2” (the file name was literally Evilgamecart) and warned ppl it will format ur memory card and showed it doing so in a youtube video on his channel! (which he linked to). (the video is still there).
Then someone thought it would be funny to grab those files, rename them, then post them on /r/VitaPiracy/ on a new account with the malicious intent of convincing ppl that it is a real game dump. Basically to troll people.
It was simply a proof of concept, you can see on his youtube channel he has other proof of concepts also called Evil Gamecart. Yes, it’s a completely unneeded creation, you can call him out for wasting time making pointless things, but you can’t call him out on the deceptive reddit post for which he took no part. And until you can accurately point to Silica as the source of that reddit post, you should not point fingers since literally ANYONE could have done this.
If you want to show proof of concept, you post a f*cking video, nothing else >.<
But, then we’d have complaints of “Where’s the files?” and cries of: “FAKE!!!1!!!”, “Prank.”, “Dev likes to show off and taunt the scene”, “That can’t happen, and the dev’s lack of release proves he’s an attention w***e.”, etc. Then it could get leaked and people would be caught unaware because they disregarded the warning or never heard it because no one thought the threat was real, and so they didn’t report on it. (Thanks wololo for the heads up.)
Also to the people saying activate 2FA to protect yourself, a virus doesn’t need 2FA to steal your PSN credentials (the vita stores them in plain text on the device itself.), and many people are dumb enough to reuse passwords. A virus could as others have pointed out just brick your console or worse, actually make the attempt to connect to PSN using the stored credentials with the intent of having Sony ban the account. If it’s running on the current PSN required firmware, it’s possible it could try to make purchases, or attempt to screw with your rep, or gameplay. (Intercepting input and changing it to handicap the player.) A lot is possible with a virus.
So there’s only one option and that is a trusted source that will host a ‘release database’ like there is for the 3DS complete with a CRC32 or SHA1 of the vpk file(s). So you can check your file against it. It’s easy enough to make an executable that is large in size by including a bunch of garbage data.
The PS Vita scene is a roller coaster of emotion
Sitting back and enjoying ramen
Hey Russkie were you one of the “victims”??? 😛
Second
Happens with every scene. Anyone recall the PSP EMU that bricked your PS3 when PS Jailbreak came out?
I remember it
dude make someting clear here , is wololo relase safe ?
really disappointing to upload that file in the internet… sony or silica?
Also, lets not forget to activate 2FA on playstation