Hacking group Team Xecuter—the developers of Nintendo Switch jailbreaking software SX OS that helps gamers play homebrewed and pirated games on the console—has itself been caught using anti-piracy measures in its own code that can brick your Switch, if it detects you are trying to crack it for unauthorized distribution.
If you own a Nintendo Switch, you must be aware that to fight piracy on the console, the company has an anti-piracy measure in place that uses encrypted certificates to verify a game's legitimacy. If it detects any pirated game or modified console, the Switch immediately gets banned from the company's online servers.
To bypass these restrictions, developers' groups like Team Xecuter (TX) offer jailbreaking software that enables gamers to play pirated games on the gaming console.
Earlier this month, Team Xecuter (TX) released its custom jailbroken firmware, dubbed SX OS, for Nintendo's latest Switches, along with a dongle (SX Pro) for booting the firmware on the console. But, unlike other pirate game developers, the team sells SX Pro and SX OS for £42.40 and £18.80 respectively.
However, it appears that Team Xecuter believes some pirates might try to crack its software, just as the team itself did with the Nintendo Switch.
Therefore, TX ironically added 'brick code' to its SX OS firmware that can lock up the Switch's internal memory (eMMC) with a totally random password if it detects an attempt to crack the software or freely distribute it online.
The discovery was made by UK-based vulnerability researcher Mike Heskin, who reverse engineered the SX OS code, intentionally triggered the bricking feature, and eventually ended up bricking his own Switch with a randomly generated password.
Heskin then revealed that the anti-piracy countermeasure could potentially brick the consoles of people who are using SX OS normally.
"The code can indeed trigger with normal usage, but the odds are so low that it is very unlikely that anyone will be affected by this (unless you're messing with voltage or time-sensitive stuff)," Heskin tweeted. "These were direct observations from reverse engineering and testing their code."
However, Heskin was able to undo the bricking process and disable the password lock, which is, of course, not an easy task for an average user without much technical knowledge.
"Regular users won't be able to restore the NAND normally. You need to mess with raw MMC commands to either unlock or force erase the eMMC," Heskin tweeted.
Heskin has offered a more in-depth explanation of his findings on his blog.