Search This Blog

Showing posts with label PS4. Show all posts

Google Analyst Identifies Critical Bug in PlayStation 5


The vulnerability in the PlayStation 5 could have allowed hackers to access the console system that was already identified and fixed on the PlayStation 4 last year. 

“I found it on the PS4 and then two years later on the PS5. It seems like their patch somehow got reverted when doing FreeBSD9 to FreeBSD11 migration,” Andy Nguyen, a security researcher at Google Nguyen told Motherboard, referring to the Linux distribution that manages the PlayStation’s operating system. 

Last year, the researcher gave an indication by jailbreaking his PlayStation 5 and tweeting an image of the console’s debug settings, which should only be accessible if the console is jailbroken. 

Jailbreaking a console system allows customers to install emulators for other consoles, play pirated games, as well as unlock hidden features. The flip side of the coin is that Sony may block a jailbroken console from utilizing network features, blocking the user from playing online games. 

Earlier this year in January, Andy reported the vulnerability to Sony and wrote that he discovered an identical bug in 2020, “when the PS5 did not yet exist, thus this should be considered as a new report and not a duplicate.” 

The vulnerability led the researcher to gain control of the PlayStation 5’s kernel, the soul of the console’s operating system, which has access to and controls most of its functions. Last week, Sony patched the bug for the PlayStation 5 and rewarded Nguyen with a bounty of $10,000, the same amount as a reward in 2021. 

Nguyen explained that the vulnerability he identified was only one of a chain of flaws required to fully jailbreak the PlayStation 5. And as of today, Sony’s new console is fully patched, which also means there are no pirated apps or emulators like there are for the PlayStation 4, for which there is a public jailbreak. 

Earlier this month, another security researcher discovered the security bug to jailbreak the PS4 and the PS5 by exploiting the official PS2 emulator that Sony offered for its two most recent consoles. 

“By hacking the official PS2 emulator he could run unofficial apps, other emulators, and “even some pirated commercial PS4 games. One of the advantages of exploiting the PS2 emulator is that Sony cannot patch it,” CTurt explained in a blog post. “Because the emulator is bundled as a game, not part of the OS, Sony has no readily available options to revoke access to it.”

Thousands of PS4s Seized, Employed in Mining Cryptocurrency Illegally


In Vinnytsia city located along the Southern Bug river, a large-scale electricity theft was revealed and recorded by the SBU. In one of the JSC Vinnytsiaoblenerho's old premises, the culprits mined cryptocurrency illegally. Nearly 5000 computers were confiscated by Ukrainian law enforcement. This underground crypto farm is the largest. 

SBU officials found that in the JSC Vinnytsiaoblenerho's abandoned warehouse in the industrial park of the facility the citizens of Kyiv and Vinnytsia towns established illegal crypto-farm. 

The criminals stole JSC Vinnytsiaoblenerho's electricity for mining. They exploited electricity meters to cover up their actions that showed no real consumption of energy. 

After being found in an abandoned warehouse, operated illegally for bitcoin, thousands of PlayStation 4 Gaming systems have been confiscated. 

There were approximately 3,800 game consoles, which were trimmed together and housed on metal racks, with more than 500 graphics cards and 50 processors. The hardware was supposed to make it easier to extract cryptocurrencies while those who are presumably responsible stole the electricity needed from the town. 

Current estimates show somewhere between $186,200 and $259,300 a month of electricity that has been stolen. 

Raids occurred on the Cryptocurrency farm, and Ukrainian police said investigations were also carried out at "offender's residences," which reportedly captured drafting notes on the use of power, notebooks, mobile phones, and USB storage devices. 

In a statement, JSC Vinnytsiaoblenergo said that "our company has nothing to do with any illegal activity," and "cryptocurrency mining equipment has never operated in the premises owned by our company." 

Furthermore, the utility firm said that there was no proof of electricity theft. The inquiry took place under the supervision of the Prosecutor General's Office by the Ukrainian law enforcement agencies. 

Chinese law enforcement detected wires in fish ponds used to link to an electric power grid on an oil system, in a separate but remarkable bitcoin farm plot in 2019. After drones were dispatched to track the criminal, Active Bitcoin (BTC) rigs were found in a shed. Currently, further investigation is underway.