With the Xbox One having landed in many countries, it's time to have a closer look at the new console generation. The Xbox One is equipped with two virtualized operating systems, both running on a hypervisor: the core system for gaming and a slimmed down version of Windows 8 for the app landscape. It is also planned to make it compatible with apps originally made for Windows Phone. It will also be interesting to see the level of platform sharing with Windows 8 and therefore the compatibility for malware targeting existing Windows systems. This, however, is still something yet to be explored.
There have already been malware attacks on games consoles in the past, such as Trojans for the Nintendo DS and Sony PSP, as well as proof-of-concept attacks against the Nintendo Wii, in which the console was used as a door opener to breach corporate networks, as shown at BlackHat in 2010. The malware, however, was seldom seen in the wild and needed a "homebrew" firmware first, in order to be able to execute pirated games - this is the way the malware was disguised, and it was then spread via torrents and other file sharing networks. This meant high barriers for malware authors and was the reason for the low infection rates. However, the high interconnectivity of modern consoles, with apps for Twitter, Facebook, YouTube, chat tools and video conferencing like Skype, opens doors and makes them more vulnerable to attacks.
There are several factors to assess the risk of a device concerning malware attacks: the popularity of a device (read: how widespread it is), the feasibility of an attack and the possibilities to make money with it. As for popularity, the Xbox One is interesting since it's going to be made compatible with Windows Phone apps, for which no malware exists so far in the wild - probably because the market share isn't enough to lure cybercriminals. Its future compatibility, however, extends the target audience and might break the threshold to change that situation. As for the financial opportunities, so far only malware to brick the console's systems has been spotted in the wild; something that doesn't fit into today's cybercrime business, which only targets systems to make money (on a side note, the first evil pranks that allegedly make the Xbox One backwardly compatible to play Xbox 360, but in fact render the console useless by messing with the devkit, have already appeared). However, with modern consoles, things are a bit different. Since the makers of devices are increasingly including the possibility to install additional applications (and pay for them via credit cards, saved on your gaming account) and social media interconnectivity to share the progress and achievements in a game for a "fuller gaming experience", as well as offering decent hardware performance, consoles are in fact attractive for criminals.
All this offers a new playground for malware types like ransomware, which could lock up the console until a ransom is paid, Trojans that steal personal information stored on the device (login credentials to the online account or credit card information) or abuse the hardware performance to mine bitcoins, as seen on PCs.
Games consoles have clearly moved beyond just gaming. In a world where more and more devices and online services get merged and interconnected, it will be interesting to see what the future will bring and if we will see the first major malware outbreak in console-land. This blog post is certainly not intended to spread fear, uncertainty and doubt, but just to offer thoughts that occurred to me when I read about the console specifics. Happy and secure gaming to all people out there who already purchased a next gen console or are planning to do so in future!
2013 Dec 18, 03:11
Console Settings Security (DMZ/Port-Forwarding)
With Skype, Facebook and other third-party apps being integrated into next-gen consoles, what do you recommend for users looking to securely configure their console's internet connection/NAT settings? Should they put the console in a DMZ or is port-forwarding a safer option?