This weekend, a hacking group identified as Fail0verflow claimed to have accessed the root keys for encryption of the next-generation PlayStation 5 console, which could be the first step in cracking the console’s system and allowing the use of pirated software and homebrew video games.
Through a Twitter account, the alleged hackers posted an image of what appear to be decrypted files from the console’s firmware. A detailed analysis of the leaked files would allow the code to be reverse-engineered to create a custom firmware sample, thus leading to the possibility of loading custom software on the PS5.
It should be remembered that this whole process requires the use of an exploit to obtain read and write access to the affected kernel. The hackers do not specify which exploit they used in their tests, although according to some experts, the way they explain the process wants to imply that no modification is required to the console hardware.
Last weekend, another PlayStation hacker also posted a screenshot showing a “Debug Settings,” which had previously only been seen on development hardware. This suggests that the hacker used an exploit to enable internal flags that unlock mode on standard consumer hardware.
The hacker mentions that he has no intention of publicly disclosing the technical details of his finding, as he usually works with Sony’s rewards program.
About Fail0verflow, experts mention that this hacking group has been active for a long time, since they have even been identified as those responsible for releasing the exploit to decrypt the PlayStation 3 console, after finding an encryption flaw in Sony. The company even filed a lawsuit against the members of this group.
Soon after, the group posted a statement on their official blog suggesting they would halt their activities due to an imminent legal threat, as well as arguing that homebrew video game development had stalled and ceased to appeal to some enthusiasts.
To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.
He is a cyber security and malware researcher. He studied Computer Science and started working as a cyber security analyst in 2006. He is actively working as an cyber security investigator. He also worked for different security companies. His everyday job includes researching about new cyber security incidents. Also he has deep level of knowledge in enterprise security implementation.