A hacking group dubbed Fail0verflow claims to have obtained the root encryption keys for PlayStation 5 (PS5). Possession of these keys is said to be the first step to unlock a gaming console that allows the installation of homebrew software. 

Furthermore, another hacker has shared some information that indicates that they managed to compromise the latest PS5 devices.

What do we know?

Fail0verflow claims on Twitter to have PS5’s decrypted firmware information. The uploaded image also highlights the code that is believed to be related to the system’s secure loader.
  • The decrypted firmware may allow Fail0verflow and other hackers to reverse engineer the code and create customized firmware with the ability to load homebrew software.
  • Extracting PS5’s system software program and creating a substitute requires an exploit that permits read or/ and write access to the PS5 kernel.
  • However, Fail0verflow did not talk about any exploit being used for the attack. Its tweet claims they obtained the keys from a software program, suggesting no modifications to any hardware.

Another hacker with an exploit?

Along with Fail0verflow’s claim, another well-known hacker, theFlow0, has tweeted some information that points toward a compromise of PS5.
TheFlow0 shared a screenshot displaying a Debug Settings option, along with a usual listing of PS5 settings.
  • Researchers claim that this debug setting used to be available only on development hardware in the past. However, this screenshot has an entirely different GUI, indicating that it is not old development hardware.
  • Moreover, TheFlow0’s tweet seems to be an exploit work in the built-in sharing function of a retail PS5, allowing it to enable the interior flags which further unlocks the mode on standard consumer hardware.

Conclusion

Fail0verflow is a group that hacks into gaming consoles. The recent activities compromising PS5 continue to pose threats to the gaming landscape. Until there is a complete fix to this loophole by the manufacturer, gamers must watch out for malicious threats exploiting it to infect their devices.

Cyware Publisher

Publisher

Cyware