Malware Migrating to Gaming Consoles: Embedded Devices, an AntiVirus-free Safe Hideout for Malware

Presented at DEF CON 18 (2010), July 31, 2010, 2 p.m. (50 minutes)

A large portion of people who possess a Gaming Console or a Smartphone are downloading paid software illegally from the web or p2p. Most of those people do not even give a second thought before installing the downloaded software, and merely just check that the application works. The sense of security here comes from the application's popularity (many people use it = safe) and the fact that the application is working as advertised with no noticeable problems (app is working = nothing is wrong). The reason why people have this kind of false sense of security for Console Gaming systems or Mobile Devices is because they are not fully aware that malware can potentially bring the same devastating effects as that of a PC malware, and no one has published a reliable way to inject a malware to a legit software. However, the boundary of these devices and the PC is getting very thin due to the evolution of hardware, which makes these devices capable of bringing the same negative effects of PC malware. Also, most recent Gaming Consoles contain hardware to connect to the network so an almost ideal environment is provided for malware to survive and perform its job. For instance, you are playing your favorite game Guitar Hero and a malware is silently running in the background attacking another PC in the network stealing sensitive material, as well as luring people to fake sites collecting personal information. It is also possible to use the malware's capability to your advantage, and walk into a company that does not allow you to bring Smartphones or Laptops with a Nintendo DS, and use NDS to connect to the corporate's internal network. These problems are not only restricted to Gaming consoles or Smartphones but also other various embedded devices. There are already TVs and Cars that have networking capabilities and have Android installed on them. The number of these kind of devices will continue to grow. In this presentation, we will show how these innocent devices can misbehave and pose a serious threat(in particular Wii, NDS, iPhone, and Android), and show a demo of a malware in live action. We will also show some possible defenses to these kind of attacks.

Presenters:

• Dong-Joo Ha - Security Researcher at AhnLab, Inc.
  Dong-Joo Ha is a Security Researcher working in AhnLab, Inc. His main job is to analyze malware and vulnerabilities, and is interested in security threat research. He enjoys studying anything packet related and playing CTF events. Twitter: @ChakYi
• Ki-Chan Ahn - Hanyang University, Student
  Ki-Chan Ahn is a student of Hanyang University. He is majoring in Electronics but has a high interest in security and computers in general. He has worked in penetration testing, as well as binary auditing. He also gave several lectures to companies and in seminars regarding Reverse Engineering.Twitter: @externalist
• Ha Dong-Joo
• Ahn Ki-Chan

Links:

• https://defcon.org/html/defcon-18/dc-18-speakers.html#Ki-Chan
• https://infocon.org/cons/DEF CON/DEF CON 18/DEF CON 18 video and slides/DEF CON 18 - Ahn Ki-Chan and Ha Dong-Joo - Malware Migrating to Gaming Consoles - Video and Slides.mp4 (Video and Slides)
• https://www.youtube.com/watch?v=_M9N11xvxLw

Similar Presentations:

• VB2018 / DOKKAEBI: Documents of Korean and Evil Binary
• DerbyCon 3.0 All in the Family (2013) / The Malware Management Framework, a process you can use to find advanced malware. We found WinNTI with it!
• ekoparty 14 (2018) / To Execute or Not to Execute. How to Build a Malware Execution Lab