Malware on Roms

Discussion in 'NDS - Flashcarts and Accessories' started by Rxq, Sep 5, 2006.

Sep 5, 2006

Malware on Roms by Rxq at 6:54 PM (2,976 Views / 0 Likes) 28 replies

  1. Rxq
    OP

    Newcomer Rxq Advanced Member

    Joined:
    Jun 25, 2006
    Messages:
    68
    Country:
    Canada
    Is there anyways to check wheather a rom has mal-ware?
    What kind of damage can viruses do to a ds?
    Is it fixable?
     


  2. Covarr

    Member Covarr Sentient Cash Register

    Joined:
    Oct 21, 2005
    Messages:
    872
    Location:
    Far East of Eden
    Country:
    United States
    A ROM can't harm your machine unless you're flashing your firmware. End of story.
     
  3. ZildjianKX

    Member ZildjianKX GBAtemp Regular

    Joined:
    Nov 1, 2003
    Messages:
    280
    Country:
    United States
    Umm... I thought it could write to a portion of your firmware. That's why Flashme is nice, since it allows you to restore your firmware in case someone wants to be evil and write a program to overwrite the firmware.

    The recovery portion of Flashme is on the portion of the firmware that requires the bridge of the pins to write to, so software can't overwrite that portion unless you bridge the pins.
     
  4. Xeronage

    Member Xeronage GBAtemp Advanced Fan

    Joined:
    Aug 6, 2006
    Messages:
    612
    Country:
    Wrong, there are 2 malwares, Taihen and Bootloader. They overwrite the writable part of the Firmware ROM. And you don't find them easily either..

    The only protection against it is FlashMe's Recovery Mode
     
  5. Heran Bago

    Member Heran Bago Where do puyo come from?

    Joined:
    Nov 6, 2005
    Messages:
    2,854
    Location:
    Foggy California
    Country:
    United States
    No, there's another, easier protection; don't run them.

    However, DSlazy has the ability to scan a file for the DS trojan.
     
  6. Rxq
    OP

    Newcomer Rxq Advanced Member

    Joined:
    Jun 25, 2006
    Messages:
    68
    Country:
    Canada

    Use DSlazy and load the rom and click crashme?

    Btw how often are roms with malware in them found?

    I cant flash my DS L at the moment, so any other precautions i can take?
     
  7. FifthE1ement

    Member FifthE1ement GBAtemp Advanced Fan

    Joined:
    Jun 19, 2006
    Messages:
    603
    Country:
    United States
  8. bikingcam

    Member bikingcam GBAtemp Regular

    Joined:
    Nov 21, 2005
    Messages:
    140
    Location:
    You know.......
    Country:
    Djibouti
    The threat is fairly small but it sure would suck if yoyu ran a virus
     
  9. neojei

    Member neojei GBAtemp Regular

    Joined:
    Jun 20, 2006
    Messages:
    184
    Country:
    United States
    Whats stopping anyone else from writing another trojan?
     
  10. SlyGuy

    Member SlyGuy GBAtemp Fan

    Joined:
    Aug 4, 2006
    Messages:
    396
    Country:
    Canada
    Exactly what I was thinking...
     
  11. WishCow

    Newcomer WishCow Advanced Member

    Joined:
    Jul 24, 2006
    Messages:
    85
    Country:
    Hungary
    Basicly nothing.

    You should only download roms/apps or anything homebrew from trusted sources if you don't have flashme.
     
  12. throwingks

    Newcomer throwingks Advanced Member

    Joined:
    Feb 10, 2006
    Messages:
    53
    Country:
    United States
    You could also cross-reference the checksums of your ROMs with a trusted site.
     
  13. neojei

    Member neojei GBAtemp Regular

    Joined:
    Jun 20, 2006
    Messages:
    184
    Country:
    United States
    How does just checking checksums on the ROMs prevent you from running malware, if they could write a trojan, couldn't they just change the checksum? It makes downloading roms such a scary thing. Good thing I don't [​IMG] But it does get me interested for other people's sake about malware.
    DSLazy can detect just the DS Trojan? Could using antivirus software or something detect it too?
     
  14. bobbyblunt

    Newcomer bobbyblunt Advanced Member

    Joined:
    Jul 8, 2006
    Messages:
    72
    Country:
    Norton protects against DS trojans. I'm sure the other major antivirus software does aswell.
     
  15. throwingks

    Newcomer throwingks Advanced Member

    Joined:
    Feb 10, 2006
    Messages:
    53
    Country:
    United States
    http://darkfader.net/ds/
    shows the md5sum of the couple of known trojans. All the way down under Malware.

    If anything changes from the original file the crc32 is completely different, so only the original ROM would generate the correct crc32.
    http://ndslister.emubase.de/show_list.de.html
    lists crc32s for ROMs

    http://en.wikipedia.org/wiki/Cyclic_redundancy_check
    explains crc32

    Never trust the crc32 from the nfo that comes with the ROM. Always use a program to generate a crc32. Then cross-reference that with a trusted database.

    Norton's doesn't protect your DS from anything.
     
  16. bobbyblunt

    Newcomer bobbyblunt Advanced Member

    Joined:
    Jul 8, 2006
    Messages:
    72
    Country:
    Try uploading a trojan to your cart then. see what norton does.
     
  17. Heran Bago

    Member Heran Bago Where do puyo come from?

    Joined:
    Nov 6, 2005
    Messages:
    2,854
    Location:
    Foggy California
    Country:
    United States
    So far, no one has the technical skill to embed a DS trojan into a commercial ROM. When you run DS homebrew, just make sure that other people have done it.
    DSOrganize, for example. If many many people have used it and love it, there chances of it being viral if you download it from the official site are about 0%.

    Nothing's stopping anyone from making another DS trojan. However, they would be caught very quickly, as the first person who gets hit would make a big deal out of it.
    darkfader's (or was it natrium47's?) romloader is an exception because there was a huge demand for it. Once it was released, everyone said "darkfader!?" "ROMLOADER!?" SURELY I MUST RUN THIS NOW RATHER THAN WAIT TO HEAR IF IT WORKS!

    edit: Yes, norton picks up on both DS trojans iirc.
     
  18. OrR

    Member OrR Rice-megatron Expert

    Joined:
    Nov 24, 2005
    Messages:
    1,562
    Location:
    Hildesheim/Germany
    Country:
    Germany
    Embedding a trojan into a commercial rom should be possible for some people. However, replacing a commercial rom with a trojan is easy for everyone.
    Actually it's the other way around: A rom can brick your machine unless you're flashing your firmware with FlashMe. End of story.
     
  19. omegatr0n

    Member omegatr0n GBAtemp Regular

    Joined:
    Jul 26, 2006
    Messages:
    144
    Country:
    yeah i thinhk when you download the bricker file norton says its a virus...i wonder what other antivirus programs do that
     
  20. throwingks

    Newcomer throwingks Advanced Member

    Joined:
    Feb 10, 2006
    Messages:
    53
    Country:
    United States
    Sorry, I did not know that. [​IMG]
     

Share This Page