Panda Software said that over the last several days, it has tracked a trio of Trojans that aimed to reduce Sony's PSP (PlayStation Portable) and the Nintendo DS game consoles into expensive bricks.
The three pieces of malware -- Format.a, Tahen.a, and Tahen.b -- pose as tools to run unsigned code (games that have been cracked, and then illegally copied) on the PSP or as homemade applications for the Nintendo. When users install them, however, the Trojans overwrite portions of the consoles' firmware -- the software embedded in the machines) and make then unusable.
While that may sound vicious -- rival security firm F-Secure posted a 14MB video file of a PSP being infected, and obliterated -- it's not as dangerous as it sounds, Panda said.
"Videogame consoles are not designed for using third-party software," said Luis Corrons, the director of Panda's research labs, in a statement. "In order for the malicious codes detected so far to reach one of these consoles, users would have to voluntarily run applications from unauthorized sources. Remember that just as with PCs, downloading and running software from dubious sources is always a serious security risk."
Soon, however, the risk to gamers may get a boost from the xBox 360, the Microsoft console expected to ship next month.
xBox 360 is much more Internet-centric than other consoles," argued Patrick Hinojosa, the chief technology officer of Panda, in an interview. "It has a lot more online capabilities, and because of that I think that malicious code will be more prevalent than on other systems."
While he doesn't see a risk in the xBox 360-Windows XP Media Center connection -- the two devices don't share a similar operating system -- Hinojosa expects that hackers will post code online disguised, for instance, as a game crack. "It may not happen in the immediate future, but I think it's a potential danger," he said.
In part, the fact that xBox has a Microsoft nameplate will draw attackers. "There's a certain segment of people who just don't like Microsoft, and the numbers in the black hat [hacker] community are even greater.