Malware on Roms

Discussion in 'NDS - Flashcarts and Accessories' started by Rxq, Sep 5, 2006.

  1. Rxq
    OP

    Rxq Advanced Member

    Newcomer
    68
    0
    Jun 25, 2006
    Canada
    Is there anyways to check wheather a rom has mal-ware?
    What kind of damage can viruses do to a ds?
    Is it fixable?
     
  2. Covarr

    Covarr Sentient Cash Register

    Member
    872
    5
    Oct 21, 2005
    United States
    Far East of Eden
    A ROM can't harm your machine unless you're flashing your firmware. End of story.
     
  3. ZildjianKX

    ZildjianKX GBAtemp Regular

    Member
    280
    1
    Nov 1, 2003
    United States
    Umm... I thought it could write to a portion of your firmware. That's why Flashme is nice, since it allows you to restore your firmware in case someone wants to be evil and write a program to overwrite the firmware.

    The recovery portion of Flashme is on the portion of the firmware that requires the bridge of the pins to write to, so software can't overwrite that portion unless you bridge the pins.
     
  4. Xeronage

    Xeronage GBAtemp Advanced Fan

    Member
    612
    0
    Aug 6, 2006
    Wrong, there are 2 malwares, Taihen and Bootloader. They overwrite the writable part of the Firmware ROM. And you don't find them easily either..

    The only protection against it is FlashMe's Recovery Mode
     
  5. Heran Bago

    Heran Bago Where do puyo come from?

    Member
    3,017
    439
    Nov 6, 2005
    United States
    Foggy California
    No, there's another, easier protection; don't run them.

    However, DSlazy has the ability to scan a file for the DS trojan.
     
  6. Rxq
    OP

    Rxq Advanced Member

    Newcomer
    68
    0
    Jun 25, 2006
    Canada

    Use DSlazy and load the rom and click crashme?

    Btw how often are roms with malware in them found?

    I cant flash my DS L at the moment, so any other precautions i can take?
     
  7. FifthE1ement

    FifthE1ement GBAtemp Advanced Fan

    Member
    603
    0
    Jun 19, 2006
    United States
  8. bikingcam

    bikingcam GBAtemp Regular

    Member
    140
    0
    Nov 21, 2005
    Djibouti
    You know.......
    The threat is fairly small but it sure would suck if yoyu ran a virus
     
  9. neojei

    neojei GBAtemp Regular

    Member
    184
    0
    Jun 20, 2006
    United States
    Whats stopping anyone else from writing another trojan?
     
  10. SlyGuy

    SlyGuy GBAtemp Fan

    Member
    396
    0
    Aug 4, 2006
    Canada
    Exactly what I was thinking...
     
  11. WishCow

    WishCow Advanced Member

    Newcomer
    85
    0
    Jul 24, 2006
    Hungary
    Basicly nothing.

    You should only download roms/apps or anything homebrew from trusted sources if you don't have flashme.
     
  12. throwingks

    throwingks Advanced Member

    Newcomer
    53
    0
    Feb 10, 2006
    United States
    You could also cross-reference the checksums of your ROMs with a trusted site.
     
  13. neojei

    neojei GBAtemp Regular

    Member
    184
    0
    Jun 20, 2006
    United States
    How does just checking checksums on the ROMs prevent you from running malware, if they could write a trojan, couldn't they just change the checksum? It makes downloading roms such a scary thing. Good thing I don't [​IMG] But it does get me interested for other people's sake about malware.
    DSLazy can detect just the DS Trojan? Could using antivirus software or something detect it too?
     
  14. bobbyblunt

    bobbyblunt Advanced Member

    Newcomer
    72
    0
    Jul 8, 2006
    Norton protects against DS trojans. I'm sure the other major antivirus software does aswell.
     
  15. throwingks

    throwingks Advanced Member

    Newcomer
    53
    0
    Feb 10, 2006
    United States
    http://darkfader.net/ds/
    shows the md5sum of the couple of known trojans. All the way down under Malware.

    If anything changes from the original file the crc32 is completely different, so only the original ROM would generate the correct crc32.
    http://ndslister.emubase.de/show_list.de.html
    lists crc32s for ROMs

    http://en.wikipedia.org/wiki/Cyclic_redundancy_check
    explains crc32

    Never trust the crc32 from the nfo that comes with the ROM. Always use a program to generate a crc32. Then cross-reference that with a trusted database.

    Norton's doesn't protect your DS from anything.
     
  16. bobbyblunt

    bobbyblunt Advanced Member

    Newcomer
    72
    0
    Jul 8, 2006
    Try uploading a trojan to your cart then. see what norton does.
     
  17. Heran Bago

    Heran Bago Where do puyo come from?

    Member
    3,017
    439
    Nov 6, 2005
    United States
    Foggy California
    So far, no one has the technical skill to embed a DS trojan into a commercial ROM. When you run DS homebrew, just make sure that other people have done it.
    DSOrganize, for example. If many many people have used it and love it, there chances of it being viral if you download it from the official site are about 0%.

    Nothing's stopping anyone from making another DS trojan. However, they would be caught very quickly, as the first person who gets hit would make a big deal out of it.
    darkfader's (or was it natrium47's?) romloader is an exception because there was a huge demand for it. Once it was released, everyone said "darkfader!?" "ROMLOADER!?" SURELY I MUST RUN THIS NOW RATHER THAN WAIT TO HEAR IF IT WORKS!

    edit: Yes, norton picks up on both DS trojans iirc.
     
  18. OrR

    OrR Rice-megatron Expert

    Member
    1,562
    3
    Nov 24, 2005
    Gambia, The
    Hildesheim/Germany
    Embedding a trojan into a commercial rom should be possible for some people. However, replacing a commercial rom with a trojan is easy for everyone.
    Actually it's the other way around: A rom can brick your machine unless you're flashing your firmware with FlashMe. End of story.
     
  19. omegatr0n

    omegatr0n GBAtemp Regular

    Member
    145
    0
    Jul 26, 2006
    yeah i thinhk when you download the bricker file norton says its a virus...i wonder what other antivirus programs do that
     
  20. throwingks

    throwingks Advanced Member

    Newcomer
    53
    0
    Feb 10, 2006
    United States
    Sorry, I did not know that. [​IMG]