Report: PlayStation 3 Faces New and Serious Hack

Sony's PlayStation 3 is facing a new security threat – one it hasn't seen since the system was cracked via the PSJailbreak in 2011. According to a report on Eurogamer, a new PlayStation Network-enabled custom firmware was recently released along with the publication of the console's LV0 decryption keys. While the release of the 3.60 firmware for the PlayStation 3 plugged many of the security holes in the console, those with hacked consoles or that are still running and earlier version of the firmware – 3.55 or lower – can supposedly use the custom firmware released in the wilds of the Internet.

So what serious security issues does this custom firmware and the publication of LV0 decryption keys bring to Sony's door? Well with the release of the LV0 key, hackers can decrypt future Sony firmware updates with little or no effort. The LV0 key allows for firmware downloaded to a PC to decrypt the CoreOS and XMB files then re-encrypt them using the existing 3.55 keys in order to be run on hacked consoles.

Eurogamer says that these keys may not have been released at all if not for a Chinese hacking outfit called "BlueDiskCFW," who gained access to the keys and planned to charge for new custom firmware updates it would create. The original group that created the LV0 had no plans on releasing them, but eventually they were leaked onto the Internet in some limited fashion. Seeing that someone was going to profit on them, the group known as "The Three Tuskateers" decided to release them into the wilds of the Internet.

"You can be sure that if it wouldn't have been for this leak, this key would never have seen the light of day, only the fear of our work being used by others to make money out of it has forced us to release this now," the group said in a statement.

Sony has yet to publicly comment on these new security risks, but no doubt they are already working on finding a way to make these new methods of compromising the PS3 ineffective. We'll have more on this story as it develops, but some in the hacking community are already calling these latest tools "the final hack for the PS3."

Source: Eurogamer

Tweet about this on TwitterShare on FacebookShare on Google+Share on RedditEmail this to someone


  1. 0
    SeanB says:

    When the PS3 was released, we were promised and sold on

    1) BD-J, which was removed

    2) Other OS, Which was removed

    3) Media player capabilities, Which were never fully developed

    4) Backwards compatibility, which was later removed, sometimes via firmware


    If the LV0 keys are really in the wilds…. i'm giddy just thinking about it.

  2. 0
    DorkmasterFlek says:

    Based on my understanding of this hack, the PS3 is well and truly fucked in terms of security now.  Basically, when the previous hack occurred and they got hold of the private signing key (through Sony's idiotic implementation of elliptic curve encryption), the 3.60 firmware basically moved all the later compromised parts of the bootloader up into the lv0 part to protect it.  This is the earliest part in the boot chain that can be updated via firmware.

    But now we've got the lv0 keys as well, which isn't a surprise because their whole encryption implementation was broken from the very beginning.  Somebody just finally realized that the lv0 encryption was broken as well.  The point is that the trick they used to resecure the bootloader with the 3.60 firmware won't work again.  There is no earlier part of the boot chain that is not compromised.  The system has effectively been broken completely.  All future firmwares will be decrypted instantly and modified to work on modded consoles, probably within days of being released.

Leave a Reply