Back-to-Back PlayStation 5 Hacks Hit on the Same Day

Cyberattackers stole PS5 root keys and exploited the kernel, revealing rampant insecurity in gaming devices.

A pair of PlayStation 5 breaches shows the consoles don’t have protection from attackers taking over its most basic functions.

Both exploits were posted on Twitter on Nov. 7 without disclosure to Sony or specifics, but they nonetheless signal potential security problems to come for the gaming giant.

FailOverFlow, which has already earned a reputation as a prolific PlayStation jailbreaker group, posted a Nov. 7 tweet which appeared to contain the PS5 firmware symmetric root keys:

In a subsequent tweet, the group claimed that it “…got all (symmetric) ps5 root keys.” FlailOverflow wrote, “They can all be obtained from software — including per-console root key, if you look hard enough!”

The message is practically a dare for other would-be hackers to try to access decrypted firmware files for themselves.

PS5 Kernel Exploit

The second hack was also posted on Twitter on Nov. 7 by Google security engineer Andy Nguyen, who is also known widely in hacker circles as TheFlow. He was apparently able to access the PlayStation 5 “Debug Settings” menu, indicating he has a PS5 kernel exploit.

Wolo, which first reported on both breaches, pointed out this menu is typically only on testkit devices and allows quality assurance and development teams to install package files on the Sony PlayStation 5.

“But it can be enabled on retail consoles by patching some flags, located at specific addresses in the firmware at Runtime,” according to Wololo’s the Guardian.

Is Securing the PS5 Even Possible?

Both breaches put threat actors well on their way to installing pirated games, running emulators and more, according to public-interest technologist Bruce Schneier.

Register now for our LIVE event!

“Hackers may have just made some big strides towards possibly jailbreaking the PlayStation 5 over the weekend,” Schneier wrote about the breaches. “Decrypted firmware ­which is possible through FailOverFlow’s keys, would potentially allow for hackers to further reverse-engineer the PS5 software and potentially develop the sorts of hacks that allowed for things like installing Linux, emulators or even pirated games on past Sony consoles.”

Schneier added that he doesn’t think a hack-proof computer system will ever be a reality.

“Especially when the system is physically in the hands of the hackers,” Schneier said. “The Sony Playstation 5 is the latest example.”

Want to win back control of the flimsy passwords standing between your network and the next cyberattack? Join Darren James, head of internal IT at Specops, and Roger Grimes, data-driven defense evangelist at KnowBe4, to find out how during a free, LIVE Threatpost event, “Password Reset: Claiming Control of Credentials to Stop Attacks,” on Wed., Nov. 17 at 2 p.m. ET. Brought to you by Specops.

Register NOW for the LIVE event!

 

 

 

 

 

Suggested articles

Discussion

  • blank on

    I think the term 'cyberattackers' used in this article is very misleading. Cyberattacker denotes a predatory criminal looking for their next prey, normally via long distance network communications. The hack, as it stands, allows one to gain root access to the device, effectively opening up the console to what ever the end-user wants to do. This doesn't necessarily suggest this as being dangerous, or malicious, to any particular user unless someone actually makes a tool to run on the PS5 with malicious intent. This is only to the detriment of Sony as they do not want custom software running on their consoles. Also I would add that the people that find these code exploits to gain root access to video game consoles are mainly hobbyists and security researchers, very few of them are black-hat or dealing in shady business practices such as Team Xecuter with their advertised piracy hardware.
  • Bobby on

    They didn't steal the root keys

Leave A Comment

 

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.