Hacking (Warning)Vita Vpks that Brick your vita are surfacing online! (Warning)

Abu_Senpai

Well-Known Member
OP
Member
Joined
Jul 13, 2014
Messages
1,515
Trophies
0
XP
1,186
Country
Syria
This just was announced over on Reddit at /VitaPiracy

Apparently a Reddit User uploaded TWO vpks earlier today which were:

"Fruit Ninja [US] [TESTED] [MAIDUMP]"

"kung fu rabbit - tested working - maidump v233.2z8"

Those unfortunate pirates who downloaded said Vpks and installed them have been had meaning that their Ps Vitas have been BRICKED PERMENANTLY!.

So be EXTRA Cautious when it comes to using backups guys!

Here is a explanation of what happened in more detail:

"Technical explanation from /u/tuxdude143;

I have been analysing the vpks along with a friend and we have found that both of them make calls to OS0. The particular cause for concern is how they call for OS0 to be mounted along with OS0:KD and VS0. Now once those are mounted it basically just wipes them clean. The consequence is the vita had no operating system to boot at all, nor does it even have any drivers to interface with any of the components (which are contained in OS0:KD. Basically the result is an UNRECOVERABLE BRICK which leaves the nand completely wiped and unbootable.

Consider it the first ever serious vita virus"


"Been analysing this with a friend and from what we have found out it seems the mai.suprx mounts some rather odd things, namely vs0 and os0 before nuking vs0, os0 and most destructively, os0:KD aka the driver directory"


The user who uploaded said .vpks definately did so with malicious intent so id be extra weary when installing .vpks
 
Last edited by Abu_Senpai,

Cinnamon

Well-Known Member
Member
Joined
May 2, 2014
Messages
263
Trophies
0
Age
32
XP
387
Country
Norway
I feared this would happen due to how the dumps basically are homebrew and can be modified to be malicious. Not being able to use Sony's distribution packages may possibly hurt the scene now when people have figured how to sneak in malicious code that may brick the device. Even more scarier is the though of delayed malicious code.
 

SirByte

Well-Known Member
Member
Joined
Dec 30, 2012
Messages
524
Trophies
1
XP
1,059
Country
Canada
Wasn't it so that all 'backups' from retail games have no reason not to be 'safe' (if not, why not)? If yes, how come they're still installing unsafe packages?
 

Cinnamon

Well-Known Member
Member
Joined
May 2, 2014
Messages
263
Trophies
0
Age
32
XP
387
Country
Norway
Wasn't it so that all 'backups' from retail games have no reason not to be 'safe' (if not, why not)? If yes, how come they're still installing unsafe packages?
Maidumps are not marked by that prompt by Vitashell which these people have been using, simply because it doesn't use vpks. For now.
 

Tony_93

Well-Known Member
Member
Joined
Jun 13, 2015
Messages
2,457
Trophies
1
Location
California
XP
2,436
Country
United States
Wasn't it so that all 'backups' from retail games have no reason not to be 'safe' (if not, why not)? If yes, how come they're still installing unsafe packages?

When you are a pirate you download anything from the internet and don't care to double check if anything as long as they are free gamez.... I know cuz I been there before :P
 

Autz

Well-Known Member
Member
Joined
Feb 18, 2016
Messages
575
Trophies
0
Age
27
XP
368
Country
Venezuela
My common sense tells me that the same can't be archieved on 3DS since games run on Arm11. But is possible?
 

yifan_lu

@yifanlu
Member
Joined
Apr 28, 2007
Messages
663
Trophies
0
XP
1,671
Country
United States
We knew something like this was going to happen which is why safe homebrew was a thing. We worked with the_flow to implement it and that's why you wouldn't get such a virus from using vitashell + vitamin. Unfortunately other people aren't as cautious.

--------------------- MERGED ---------------------------

My common sense tells me that the same can't be archieved on 3DS since games run on Arm11. But is possible?
Sure, just use that svc back door that cfws love to insert.
 

Elizabethx90

Well-Known Member
Newcomer
Joined
Aug 24, 2016
Messages
75
Trophies
0
Age
33
XP
65
Country
United States
We knew something like this was going to happen which is why safe homebrew was a thing. We worked with the_flow to implement it and that's why you wouldn't get such a virus from using vitashell + vitamin. Unfortunately other people aren't as cautious.

--------------------- MERGED ---------------------------


Sure, just use that svc back door that cfws love to insert.
Can you elaborate on the backdoor's? And which cfw would you suggest personally?
 

Jao Chu

Well-Known Member
Member
Joined
Aug 20, 2013
Messages
1,932
Trophies
0
Age
36
Location
straya m8
XP
1,452
Country
Australia
Ouch, well there's another low blow our scene has taken :(

Anyone remember the days of the DS scene when a certain someone released a version of FlashMe that bricks DS's?

Hard mods and NAND dumps would be nice as always, but i suppose we have high expectations as a result of being spoiled with how violated the 3DS platform is, Lol. Perhaps we'll never have the luxury with our PS Vitas....
 

yifan_lu

@yifanlu
Member
Joined
Apr 28, 2007
Messages
663
Trophies
0
XP
1,671
Country
United States
Ouch, well there's another low blow our scene has taken :(

Anyone remember the days of the DS scene when a certain someone released a version of FlashMe that bricks DS's?

Hard mods and NAND dumps would be nice as always, but i suppose we have high expectations as a result of being spoiled with how violated the 3DS platform is, Lol. Perhaps we'll never have the luxury with our PS Vitas....
Well if you only use safe homebrews, you won't be able to brick your vita ever. But I didn't know that the mai people never implemented the checks. They might not have known about it. But that's on them.
Can you elaborate on the backdoor's? And which cfw would you suggest personally?
svcBackdoor lets you run kernel code from homebrew. A big security hole that just begs for someone to write a bricker. I don't know which cfw doesn't do it, so I don't have any recommendations.
 

ih8ih8sn0w

Koreaboo
Member
Joined
Aug 22, 2015
Messages
1,677
Trophies
0
Age
25
Location
Hell
XP
898
Country
United States
Can you elaborate on the backdoor's? And which cfw would you suggest personally?
The 3ds has firms locked down on boot (a9lh wise) or has emunnad (other entrypoints). Just keep backups, make sure the stuff you download isn't made or released by someone sketchy, and you don't have to worry about anything. Also, stick to luma3ds.
Back on topic though: I'm surprised that the vita allows for this to happen. I know a hacked consoles environment isn't the best, but the ability for an application to just wipe nand is interesting. Then again, I don't understand a whole lot about that...
edit: every cfw has a patch for svcbackdoor (read the above post), but corbenik allows you to disable it (not recommended). Things like ntr cfw rely on it, but it isn't powerful enough to just wipe nand completely.
 
Last edited by ih8ih8sn0w,
  • Like
Reactions: Abu_Senpai

Kioku

猫。子猫です!
Member
Joined
Jun 24, 2007
Messages
11,987
Trophies
2
Location
In the Murderbox!
Website
www.twitch.tv
XP
16,076
Country
United States
I suppose Mai could add a check for edited .suprx files to ensure this doesn't ever happen again. I can't believe people would go this low. Yes piracy is bad, but that does not justify bricking people's devices just because they're pirates.
You have too much faith in people. Honestly? It was only a matter of when and not if. You give people the opportunity to mess up someone's device? Don't be surprised if someone takes it.
 

Site & Scene News

Popular threads in this forum

General chit-chat
Help Users
  • S @ salazarcosplay:
    @K3Nv2 what was your ps4 situation
  • S @ salazarcosplay:
    did you always have a ps4 you never updated
  • S @ salazarcosplay:
    or were you able to get new ps4 tracking it \
    as soon as the hack was announced
  • S @ salazarcosplay:
    or did you have to find a used one with the lower firm ware that was not updated
  • K3Nv2 @ K3Nv2:
    I got this ps4 at launch and never updated since 9.0
  • K3Nv2 @ K3Nv2:
    You got a good chance of buying a used one and asking the seller how often they used or even ask for a Pic of fw and telling them not to update
  • RedColoredStars @ RedColoredStars:
    Speaking of PLaystation. I see Evilnat put out a beta for PS3 CFW 4.91.2 on the 22nd.
  • K3Nv2 @ K3Nv2:
    Don't really see the point in updating it tbh
  • BigOnYa @ BigOnYa:
    Yea you right, I thought about updating my PS3 CFW to 4.91, but why really, everything plays fine now. I guess for people that have already updated past 4.9 it would be helpful.
  • K3Nv2 @ K3Nv2:
    Idk if online servers are still active that would be my only thought
    +1
  • BigOnYa @ BigOnYa:
    Thats true, personally I don't play it online at all, in fact, I deleted all wifi details on it once I installed CFW, so it won't connect and auto-update itself
  • BigOnYa @ BigOnYa:
    I play most games that are on both PS3/360 strickly on the 360, but PS3 exclusives are really only games I play on the PS3 (You know me, I'm more of a Xbox junkie)
  • K3Nv2 @ K3Nv2:
    Ps3 really has no titles worth going online
  • BigOnYa @ BigOnYa:
    what is nps?
  • Xdqwerty @ Xdqwerty:
    @K3Nv2, what about GTA v onl... O Yea the PS3 versión got discontinued
  • K3Nv2 @ K3Nv2:
    I feel like the world's cheapest pc build can play gtaV
  • K3Nv2 @ K3Nv2:
    In modern standards
  • Xdqwerty @ Xdqwerty:
    @K3Nv2, then why mine can't?
  • BigOnYa @ BigOnYa:
    @K3Nv2 What is nps you mentioned?
  • K3Nv2 @ K3Nv2:
    Because your pc has a hamster innit
    +3
  • BakerMan @ BakerMan:
    R.I.P. LittleBigPlanet PS3 servers
  • BakerMan @ BakerMan:
    LBP2 still the goat tho
  • K3Nv2 @ K3Nv2:
    That can be played on ps5 iirc
  • BigOnYa @ BigOnYa:
    I'm surprised any PS3 servers are still up, tbh
  • K3Nv2 @ K3Nv2:
    Alot of manufactures do care about older consoles they just want to whine about piracy
    +2
    K3Nv2 @ K3Nv2: Alot of manufactures do care about older consoles they just want to whine about piracy +2