The fake PSP ‘downgrade’ that has been circulating on the net has now been labelled a trojan by security company Symantec.The so-called ‘downgrade’, distributed by some of the ‘less reputable’ hacker sites, needs to be downloaded and installed willingly by the user, and can’t be ‘spread’ as such. Symantec has labelled the program the Trojan.PSPBrick, and a Category 1 threat (where Category 5 is the worst).
Last week, a similar program appeared which enabled users to downgrade their PSP to version one, and then upgrade to the ‘hack-friendly’ 1.5 firmware. This would allow users to run copied games and third-party HomeBrews like arcade game ROMs. Later firmware revisions released by Sony have stopped these hacks from working.
The downgrade works by causing a buffer run overflow in the PSP, which causes the PSP to believe it now runs on the version 1.0 firmware. Hackers have then seized on this vulnerability and released a fake downgrade which destroys the PSPs firmware and ‘bricks’ it. The trojan is named ‘EXPLOIT 2G PSP Team V1.RAR’ in the wild.
Sony released the PSP firmware 2.01 earlier this week in Japan only, which prevents buffer overruns from occurring, and hence prevents both the downgrade hack and the trojan from working. And, unlike the version 2.0 which added a web browser, it has no other features.