New DS trojan bricks your Nintendo DS
By Ryan Block 
posted October 10th 2005 7:30AM
posted October 10th 2005 7:30AM
DS users, you no longer reserve the right to feel like virus-free Mac nerds to the PSP fanboys' PC dweeb—a trojan of the same kind as we saw before in the Trojan.PSPBrick has come to brick that dual-screened gaming device of yours, and we ain't talking about the Neo DoubleGames here. So if you happen to be of the dubious persuasion to run 3rd party DS roms claiming to be hentai viewers (ahem), don't come whining to us when you're stuck with a fancy paperweight trying to figure how to restore your DS to a playable state.
i think it`s all a bunch of bull to prevent losers from looking at anime porn...
Hentai viewer...another classic trojan bait. Amazing they seem ubiquitous enough so as to be on the DS.
the timing of this makes me wonder if it is true. i mean, was the DS virus programmed in response to PSPbrick? perhaps it was made by the same guy.
or... maybe it's someone's idea of a joke.
"the timing of this makes me wonder if it is true"
Yes i agree. Since people were so certain that Sony was behind the PSPbrick virus they are probobly behind this one too. Sony probobly thought they gathered so much negative publicity the other handheld had to have a virus too. $ony is truely evil. /sarcasm
it's rumoured that this trojan is made by the same guy that basically started the entire ds homebrew scene in the first place. people are, unsurprisingly, quite upset about all this.
Rather well timed me thinks, I doubt this one is by Sony but the PSPBrick one does seem rather fishy. Someone probably had their PSP affected by the PSPBrick and thought they'd take it out on DS people too. I doubt the truth about this will come out, though i'm not sure how Nintendo can combat this (I dont own a DS so i'm not sure if they do updates the same way Sony do)
It's no rumor, it was made by some guy called Darkfader, very well known in the DS programming scene. Unfortunately.
uh, well, I would never run roms on that thing.. you can do that on ....
...
a virus-free mac..
DS actually has cool interesting games.. it doesn't need Chrono Trigger roms like PSP
typo: "know longer" and "no longer"
I swear to god the people who do this should be caught and castrated.
I mean what kind of possible joy can you get from destroying other peoples property.
Well, if you think about it, this guy could have made it NOT as a wayto brick people's DS's, but to prove that the DS was not "unhackable" ... it's just .... similar to a Mac. Doesn't mean it can't be done, but the demand isn't there.
Oh, and anyone looking at Hentai on their DS needs more than the bricking of their DS.
"I swear to god the people who do this should be caught and castrated."
Come on now. The PSP and DS brick trojans are things of beauty. I'm against psycho EULAs as much as anyone, but they wouldn't be nearly as bad nowadays if console piracy wasn't as out of control. Anything that puts your money where your mouth is when it comes to "proceeding at your own risk" is fine by me.
"Oh, and anyone looking at Hentai on their DS needs more than the bricking of their DS."
I know this is just a joke but if people are petting virtual dogs they should be able to look at tentacle porn.
"Oh, and anyone looking at Hentai on their DS needs more than the bricking of their DS."
I know this is just a joke but if people are petting virtual dogs they should be able to look at tentacle porn.
All I have to say is good riddens. the DS was such a pointless portable.
I think castration is crude and unimaginative.
I prefer sentencing them to community service for the next 20-40 years. I think it would be more productive, and more likely to dissuade imitators.
Losers can't imagine going to jail, or whatever, but they can full well imagine losing their Saturdays.
The brick program was actually made as a "joke" according to the irc log when it was thrust into the wild. It was to deter the kiddees who want commercial roms to work with flash equip. Obviously darkfader had no hindsight when creating this. The usual places have the info on how to keep your ds from getting bricked.
# 13, go bug off.
#10 Yeah, well, those "psycho EULA's" are for people who brick their PSP/DS pirating shit, then want it replaced under warranty. You play, you pay type rule.
#15, you've got to be pretty dense to get your system bricked anyway.
erm...
You can't write to the DS's firmware without bridging a (slightly) hidden contact. You would have to be supremely stupid to brick your DS for a hentai viewer in this way.
Fake or just not anything to worry about
Someone even donated $6.66 to him. Can you imagine? :)
#13...Computer Tech Support
The use of "good riddens" to show your hatred for the DS only serves to *further* illuminate your stupidity.
(FYI: "good riddance" is the proper term)
Back on topic...
I hate to see this sort of thing in the wild.
It almost makes the DMCA seem like a *good* thing!
"They just want to protect us from malware and from accidentally "bricking" our hardware!"
I can guarantee you that the people who release these exploits that kill your PSP/DS will never see any criminal charges as they are helping big business keep their devices from being used in unauthorized ways. Which also makes me question who they are working for...
"You can't write to the DS's firmware without bridging a (slightly) hidden contact. You would have to be supremely stupid to brick your DS for a hentai viewer in this way."
From what I've read on the various DS homebrew sites, only the first 64 kb of the firmware is protected, and therefore the rest is free game for overwriting.
Shorting that contact is for writing to a different section of the system, and it's where the FlashMe program writes its recovery code (which is the point where you short the contact). Therefore, if someone bricks their DS with this but had FlashMe installed, it's possible to get the regular DS firmware restored. Otherwise, it's just an expensive paperweight. In any case, the point is that you don't have to bridge the contact in order to brick the DS with that program.
Like #15 said, the bricking program was also released with a description of being a romloader for illegal commercial roms.
What sux is that this NDSbrick tries to destroy the firmware of most DS Flash Cards as well (except for the one DarkFader has intere$t in). Some can recover (M3, G6) but some are destroyed (SuperCard). What I don't understand is how destroying DS and Flash Card can HELP Home-Brew community? All it does is scares people from running Freeware on DS!
How it helps.. it scares away the "stupid" people, helping hide the better communities for this kind of market.. it's easier to hide in plain sight isn't it.. when loads of people get bricked ect, the hidden communities have a wall of idiots to hide behind...
From Darkfader.net
DARKFADER APOLOGIZES FOR MAKING THE TROJAN
Notice on the DS bricker trojan
I want to say sorry to everyone out there. I should have realized the impact. Not just few DS'es that were hurt, but all the damn media and whatnot.
I cannot really justify my actions. It was also very selfish to draw some attention, which I tend to do in odd ways.
It caused some harm to some non-targetted and targetted people owning a DS with non-Nintendo-approved hardware.
And that is a terrible thing to do. Even more so with the reputation I had in the DS homebrew scene that now completely abandoned me.
I do not have clear reasons and I can't blaim the little headache I had at the time. I just had to realize the idea I had after seeing the PSP variant of a bricker.
The files do not come with any form of name/signature of me, a thing I would do if it could be trusted.
I won't release any more of this crap for DS and I don't think parts of this trojan or the idea itself will emerge in future homebrew releases.
The point is probably clear. Do not run any form of untrusted code that just suddenly appears without any name.
If you only use official Nintendo games, there is absolutely nothing to worry about.
Untrusted code includes ROM loaders and that sort of stuff. It's probably not a very good reason since it has been proven before.
I can tell that the negative feedback is far greater than the positive ones. I received one donation of $6.66 and I'm not proud of it.
One news site completely ignores the r0mloader version and reasoning behind it. grrrrr.
Another common mistake: A TROJAN IS NOT A VIRUS! That means that it does not propagate on its own. And thus non-intrusive.
The trojan was released in two forms:
TROJ_DSBRICK.A, Trojan.DSBrick.A, 151361 bytes, md5sum a959cfa514f4c7162a81421ee99d3356, r0mloader.nds
Version A was intended for the so called ROM-pirates. Hence the name of the filename and description. It was anonymously posted to just a few IRC channels and one forum. Elsewhere, it was known that is was a trojan.
After doing its thing, it shows a picture of a brick wall. Apropriate to the situation.
TROJ_DSBRICK.B, Trojan.DSBrick.B, 548673 bytes, md5sum 8e7a3728759df265ca3a78553cf27bb8, taihen.nds
Version B was not really released into public and should rarely be seen. It was only directly released in a closed IRC channel with prior notice of what it did and a comment that might have triggered some (less evil than me) persons to pass it along.
After doing its thing, it cycles through five attractive drawings.
I cannot control the propagation of the files or the names it might be disguised as.
Ok, on to the more technical details:
The trojan _tries_ (but not definately succeeds) to:
* Erase DS firmware. Practically the first 64 KBytes are write-protected and thus is recoverable when the FlashMe firmware was installed.
* Erase first few sectors of CompactFlash card inside GBA movieplayer. You can try to sort out your data sectors if you really want something back.
* Erase GBA movieplayer firmware. Fairly easy to fix using flashmp utility.
* Erase Supercard firmware. A fix is currently being worked on.
* Erase XG/Neo flash card. Seems it was forgotten to be mentioned in r0mloader.txt.
If you have a legal use for these functions like testing recovery tools, you're welcome.
Here are some fixing utilities and links:
ppflash.zip - Contains info, sourcecode and binary to flash the fail-safe loader also contained in FlashMe using a parallel port connection. Some soldering skills are required to perform this operation. Don't worry about voiding your warranty because you already have according to the DS manuals.
FlashMe - The page to get FlashMe. You can't survive without it.
flashmp.zip - Firmware flasher for GBA Movie Player. Supports writing to Supercard, but the included firmware IS NOT WORKING probably because of a bad firmware dump! If you have an original firmware version and Flash Advance Linker, let me know.
Probably more to come.
Hmm.. grep utility didn't seem to work very well with the DSbrick.signature file.
A good way to prevent malicious firmware access is to keep a record of known ARM7 binaries. This could be incorporated into ndstool.
Love that part about $6.66 donation ;)
I'm so sick and tired of all these trojans and viruses it makes want to vomit. These people really need to get a life.
Well, there's one good thing that comes out of this. Now I don't have little n00bs screaming in my face saying "The DS is better than the PSP because there aren't any trojans out for it!"
Well I just passed through looking for source code for creating my own homebrew apps for ds and now im scarred.
Yes these hackers and virus writers need punishment, Im partial to training a bear to violate them. Guaranteed not to do it again!!
I will say at least this wasnt disguised as a homebrew app but as a vid or rom but there is still no point. He should have just put a scare in there instead like that old niceday virus for pc (looked like it deleted windows,really an add for a game called virus).