Just a short Public Service Announcement for our users, particularly the ones who like their Homebrew on Nintendo platforms. The Homebrew community tends to be positive and participating in it is a recipe for a good time, but no group of people is free of bad actors with too much time on their hands. We have reason to believe that in the near future we'll see a lot of suspicious uploads of innocent-looking applications that are actually concealed console brickers and viruses. We came across a disconcerting threat against our site, among others, made by a Wii malware creator.

The safety of our users is our number one priority, so we strongly urge forum-goers to be weary of applications uploaded to the site recently, particularly if they come from relatively new accounts. We apologise for this inconvenience, but sadly there is little we can do besides staying vigilant and dealing swiftly with any and all suspicious content.

Stay safe, and keep on Tempin'!

 

[Foxi4]

Ah shit, here we go again
I bet [DATA EXPUNGED] is getting a kick out of this lol.
In other news, I'm interviewing the creator of these brickers on Discord. He's even admitted that a driving factor in doing this was attention!

Considering the fact that now everybody and their dog knows about his 300 IQ plan of bricking people's consoles and telling them about it beforehand, he's going to go down in history as the "exceptional" hacker who bricked zero Wii's, I'm not sure if that was his intention. His scheme might've worked somewhat if he didn't give us a Cartoon Network super villain speech. It's a laughable attempt, but still, it warranted a warning at least.

 

[Ryccardo]

This is a bit more serious threat than the DS brickers though, because those only worked on the first models (DS Lite requires you to short a connection in order to enable writing)

Not really - on both the original and the Lite only the first few blocks are protected in hardware, and only if you installed Flashme you have a minimal system fully fitting in the protected area...

...and while on a Lite you can simply swap the wifi card without soldering, the original is a lot easier to reflash via a PC and no$gba

 

[dhtdht020]

How to check if downloaded programs are legit except than downloading from trusted sources?

You can google search their MD5 checksum, I've seen a few posts about it here already that state MD5 checksums to look out for.
You can also do a quick look through an hex editor, the currently existing malware is so poorly done you can know all it does just by looking at the binary.

Spoiler

 

[Deleted User]

Foxi4 Is best Doggo tbh. 10/10 would head pat and give ear scritches to

 

[pLaYeR^^]

You can google search their MD5 checksum, I've seen a few posts about it here already that state MD5 checksums to look out for.
You can also do a quick look through an hex editor, the currently existing malware is so poorly done you can know all it does just by looking at the binary.

Spoiler

I thought the checksum will be identical to the legit programs. At least that's what I read out of the speech.

 

[dhtdht020]

I thought the checksum will be identical to the legit programs. At least that's what I read out of the speech.

Absolutely not, checksums are different for every file.
If a file is identical, it's checksum is identical as well, checksums are often used by download managers and package managers to verify a download was not tampered with or was not corrupted during download.

 

[Foxi4]

I thought the checksum will be identical to the legit programs. At least that's what I read out of the speech.

A cursory read of his statement makes me think that the program he made will make small alterations to his malware that will result in a new and unique checksum for the app. That doesn't stop the user from opening the file before installing or launching it to look at the contents though, so again, it's very nice of him to announce his malicious intentions.

Absolutely not, checksums are different for every file.
If a file is identical, it's checksum is identical as well, checksums are often used by download managers and package managers to verify a download was not tampered with or was not corrupted during download.

That's correct.

 

[pLaYeR^^]

Absolutely not, checksums are different for every file.
If a file is identical, it's checksum is identical as well, checksums are often used by download managers and package managers to verify a download was not tampered with or was not corrupted during download.

That's also my knowledge. But MD5 isn't a good algorithm.

 

[dhtdht020]

That's also my knowledge. But MD5 isn't a good algorithm.

I agree, but the user posting those checksums has only provided MD5s
I'd recommend SHA256 for general usage.

 

[pLaYeR^^]

I agree, but the user posting those checksums has only provided MD5s
I'd recommend SHA256 for general usage.

True.

--------------------- MERGED ---------------------------

I agree, but the user posting those checksums has only provided MD5s
I'd recommend SHA256 for general usage.

Do you think only the Wii is affected?

 

[dhtdht020]

True.

--------------------- MERGED ---------------------------

Do you think only the Wii is affected?

This specific case directly affects the Wii U's vWii as well, but such malware has been a long term issue, mainly on nintendo's portables.
The DS family of systems has a rich history with that.
Of course, this is not common at all and you won't be able to find it anywhere attempting to diguise as a known app, even if you really want to find it.
There's no reason to start being paranoid, just a general precaution to make sure you treat wii executeables in the same way as windows executeables- make sure you trust the source, the developers, and take further look into the file.

 

[Boured]

Spooky, to bad I don't use many apps on my wii lol.

Or really any hacked console for that matter. Even if I do, backups mah dudes.

 

[MaxiBash]

There, with this stupid public thread, you've given him what he wanted.

Good job GBAtemp.

 

[grunt22fox]

lolwut. This is a bit more serious threat than the DS brickers though, because those only worked on the first models (DS Lite requires you to short a connection in order to enable writing)
Once he gets his brickers floating around, they'll always be a threat because the Wiis can't be patched and there's no "anti-virus" for it.

Keeping quiet about it won't help anyone at all. The first post should explain exactly whats happening, what are the dangers and maybe ridicule the guy a little.

[REDACTED FOR ONLINE PRIVACY]

 

[Foxi4]

There, with this stupid public thread, you've given him what he wanted.

Good job GBAtemp.

I'm not entirely sure why I'm supposed to be bothered by that. I don't care about how he feels or whether he's happy or not, that doesn't affect me in any way. This entire thread consists of people (rightfully) dunking on him - maybe he's into getting embarrassed in public, that's none of my business.

 

[MaxiBash]

I'm not entirely sure why I'm supposed to be bothered by that.

We were preventing trying to give him attention, and you have started a thread that causes nothing but confusion and drama. You could've either discussed this with your moderation team so they can be prepared. Or even better, you could've made this thread when an actual GBAtemp/WiiBrew attack was happening. You're dropping gas on fire at the moment.

maybe he's into getting embarrassed in public

No he isn't, he wanted attention and his text on a website.

 

[gemsticks]

oh boy

 

[Foxi4]

We were preventing trying to give him attention, and you have started a thread that causes nothing but confusion and drama. You could've either discussed this with your moderation team so they can be prepared. Or even better, you could've made this thread when an actual GBAtemp/WiiBrew attack was happening. You're dropping gas on fire at the moment.

No he isn't, he wanted attention and his text on a website.

The PSA was consulted with the rest of the team. Our responsibility is to *this* community - I don't care what happens outside of it. If he gets his jollies for getting clowned on by thousands of people who are laughing at his pitiful stunt, that's his deal. My deal is protecting users of this site from potentially malicious software that he threatened to upload here. I'm not going to be pushed around by a script kiddie with nothing better to do, I don't care what he wants, I'm just telling people to exercise caution when it's warranted - there's nothing wrong with that.

 

[grunt22fox]

We were preventing trying to give him attention, and you have started a thread that causes nothing but confusion and drama. You could've either discussed this with your moderation team so they can be prepared. Or even better, you could've made this thread when an actual GBAtemp/WiiBrew attack was happening. You're dropping gas on fire at the moment.



No he isn't, he wanted attention and his text on a website.

[REDACTED FOR ONLINE PRIVACY]

 

[pLaYeR^^]

@Foxi4 did everything right. No one cares what this clown bricker feels or thinks.