Don’t Touch My Wii!
Friday April 20, 2007 at 1:49 pm CST
Posted by David Rayhawk
Here’s an interesting development. Hackers have been working on exploiting the Nintendo Wii. As a popular tech-item, it is safe to assume this–but it looks like one has achieved a modicum of success.
First, don’t worry–your Wii is not in grave danger, so you can relax and read on . . . .
A few months ago, a vulnerability in the Opera browser was disclosed (and promptly patched by Opera). Check here for their knowledge-base article. Well, it turns out that Opera is the Internet browser for the Wii (aka “Internet Channel”)–and, it turns out that the original (“trial”) version posted to the store is pre-patch.
So folks that have downloaded the original Internet Channel for the Wii have this vulnerability. You can see a demonstration of it here:
Go to a web page that has the specially crafted JPEG image in it and Opera will crash. That means it’s theoretically possible to run malcode–and according to the hacker conversations they are trying hard to do exactly that.
Hackers are going to be out of luck though, the patched version of Opera (9.10) was released to the store on 12 April. So time is rapidly running out on pulling off an exploit for this one.
The Internet Channel on the Wii has to be update manually. So Wii users, if you downloaded the Internet Channel, you need to update it.
Still, this serves as a good reminder the any system, closed or otherwise, is vulnerable to malcode.
But the story goes on: Opera is quite popular on mobile handsets, so we tried it out on several handsets with potentially vulnerable versions of Opera installed. In our brief testing, we had two cases where the image successfully crashed the browser (one Symbian8/s60 and one Symbian9/UIQ).
So there is the potential for concern–especially since a someone was kind enough to post the directions for generating the specially crafted images. Now anyone can crash the un-patched browser. Remember, a crash is an opportunity to compromise a system–hard to do, but it does happen.
Now, if only Accounting will approve the lab’s requisition for a Wii for ongoing research purposes. We should probably get a PS3 also, just in case . . . . 
April 21st, 2007 at 05:00
Personally I think that a Wii for each lab (rather than just the US!) – and indeed a PS3 as well! should be considered essential equipment! (although you may need a product to sell for the Wii too rather than just identifying malware on servers hosting it!)
Dan Wolff
April 22nd, 2007 at 21:32
Thanks for the information. We spread the word on the exploit. Hopefully many will pick up the news and update soon enough. It’s interesting how the kinks in the Opera code are inherited for every platform. Oh, and Wii is a very good tool for…err…research.
April 23rd, 2007 at 14:44
[...] I was reading the Tanooki today and was pointed to a post from the McAfee Avert Labs Blog where the writer David Rayhawk warns that those using the 1st or “trial version” of the Wii Opera browser may have a system venerability. Don’t worry too much though there isn’t much that can be done to your Wii from an outside source. I’m guessing that “worst case scenario” here would be a wiped hard drive and missing game saves. I think a couple of reports may have surfaced about manipulated images but that has not been confirmed. [...]
December 27th, 2007 at 10:18
[...] In our era of gadgets and the Internet, online gaming is a popular feature of game systems like Sony PS2 and PS3, Microsoft Xbox, or Nintendo Wii. Apparently, along with the joy of online gaming come all the Internet risks too. According to this McAfee blog post by David Rayhawk, hackers have been working on exploiting the Nintendo Wii. Nintendo Wii uses Opera as its Internet browser. A few months ago, a vulnerability in the Opera browser was disclosed and promptly patched. However, it turned out that the original Wii version runs pre-patched version of the Opera browser and has this vulnerability. No need to panic, though. The problem does not pose any grave danger, and a patch is available. Still, it serves a reminder that no system is safe from the Internet dangers, so beware, you gamers! Tags: exploit, Internet risks, ISP, online gaming [...]