A Chinese hacking group says it has released a custom Sony PlayStation 3 firmware which can circumvent the firmware on the game console.
BlueDiskCFW released the custom firmware CFW which contains the LVO encryption keys to enable users to bypass the current PlayStation Network (PSN) passphrase security protocol, according to The Hacker News Web site on Wednesday.
PS3’s security had come under fire in early-2011 when hacker group, Fail0verflow, detailed a technique to gain unauthorized codes running on the Sony console. Sony then released the 3.60 firmware, which plugged several security holes identified from the incident, but users continued to run the older firmware and chose not to migrate their systems onto PSN, coming under fire over piracy issues.
Even if Sony were to update the system with new firmware, the latest release of the LV0 decryption keys would make it easy for hackers to lay bare future security measures in system updates.
According to The Hacker News, BlueDiskCFW had planned to charge a fee for the custom firmware, prompting another hacker group, The Three Tuskateers, to release the LV0 keys and announce it had actually uncovered the keys but had opted not to publish them.
In a statement released by the group Tuesday, The Three Tuskateers said it had sat on the discovery for some time and chose to release the information now only because it had been leaked to the Chinese hacker group. “You can be sure that if it wouldn’t have been for this leak, this key would never have seen the light of day,” it said. “Only the fear of our work being used by others to make money out of it has forced us to release this now.”
Sony PlayStation declined to comment when approached by ZDNet Asia.