A proof of concept already exists that exploits this flaw and works on all versions of PSP firmware that can view TIFF files. In view of this situation, it becomes relatively easy to program malicious code to exploit this security hole.
According to Jeremy Matthews, MD of Panda Software SA, this is not the first case of an attack on gaming consoles. Last year, PandaLabs detected malicious codes designed to target these devices. These were the Format.A and Tahen (variants A and B) Trojans. These Trojans were extremely dangerous, as their attacks deleted critical files, and could even irreversibly render the PSPTM console unusable
It is recommended not to install software that does not come from reliable sources on consoles. Before doing so, it is advisable to scan it first with an updated anti-virus solution. Similarly, external communication (USB, IrDA or WiFi) should not be established with untrustworthy consoles or computers that could transfer unwanted information, Matthews concludes.
|