Warning!!VIRUS - PSP-Forum.com

PSPsicosis · 10-15-2005, 10:30 AM

I have to tell you what happened yesterday.Yesterday was friday,and as each friday my "norton 2005" performs a full system scan.Usually I get none virus files, or if I get i wont be such a big deal.

Yesterday it sayd I had two threads.I wasn't very surprbut I hesitadised as I get this frequently; But when I got to see what kind of virus I was on the shock.

I HAD THE PSPBrick VIRUS IN MY COMPUTER.Frist I couldn´t believe Norton could recognize virus that are not even dangerous for the computer and SECOND y could´t believe I actually HAD that VIRUS.But It was kind of ligical, in a certain way.A week ago I downloaded the downgrader from the internet and I intended to use it but I hesitated so I didn´t.But I saved it in my computer to maybe use it later.I can't believe that f***ing webpage is given away so much viruses.I won't tell the webpage but if you guys really want to know it just give me your e-mail and I will tell you.

By the way I went to the Norton Thread Information Webpage and i saw this really good information about the Virus.(I'm making a cpy past from the norton internet security webpage)

Trojan.PSPBrick arrives as an archive file named EXPLOIT 2.0 PSP Team V1.RAR which consists of the files overflow.tif and h.bin. Instructions call for the file h.bin to be placed in the root of a USB device and overflow.tif in the folder /PSP/PHOTO/. This archive may also contain a text file called PSPTEAM.NFO.

When executed, Trojan.PSPBrick performs the following actions:

Deletes the following critical system files:

/vsh/etc/index.dat
/kd/loadcore.prx
/kd/loadexec.prx
flash6:/kd/init.prx

Notes:
These files are required for restarting the Playstation Portable device correctly.

Displays the following message:

"Your 2.0[REMOVED]oot "
"Thank you P[REMOVED]ch team"
"Fu[REMOVED]ooser"

Displays the following message, when the file overflow.tif uses an exploit to cause the execution of h.bin:

"PS[REMOVED]2.0 firmware"
"Thank's t[REMOVED]2.0 exploit

Prevents the Playstation Portable device from restarting correctly once the Trojan is executed by exploiting the the Sony PSP Photo Viewer TIFF Image Handling Remote Buffer Overflow Vulnerability

The lesson we have to get from this experience is"ALWAYS KNOW THE SOURCE WHERE YOU GET YOUR DOWNGRADER,AND GENERALLY THE STUFF FOR YOUR PSP"

ExaSpidey · 10-15-2005, 10:41 AM

It's great that you told everyone what EXACTLY the Trojan.brick virus thingy does. But next time PLEASE post the information in the correct thread. You didn't need to start a new thread about a subject that's already covered in another thread. LOCKED

10-15-2005, 10:30 AM	#1 (permalink)
PSPsicosis Hi! I'm new around here... Join Date: Aug 2005 Posts: 12	Warning!!VIRUS I have to tell you what happened yesterday.Yesterday was friday,and as each friday my "norton 2005" performs a full system scan.Usually I get none virus files, or if I get i wont be such a big deal. Yesterday it sayd I had two threads.I wasn't very surprbut I hesitadised as I get this frequently; But when I got to see what kind of virus I was on the shock. I HAD THE PSPBrick VIRUS IN MY COMPUTER.Frist I couldn´t believe Norton could recognize virus that are not even dangerous for the computer and SECOND y could´t believe I actually HAD that VIRUS.But It was kind of ligical, in a certain way.A week ago I downloaded the downgrader from the internet and I intended to use it but I hesitated so I didn´t.But I saved it in my computer to maybe use it later.I can't believe that f***ing webpage is given away so much viruses.I won't tell the webpage but if you guys really want to know it just give me your e-mail and I will tell you. By the way I went to the Norton Thread Information Webpage and i saw this really good information about the Virus.(I'm making a cpy past from the norton internet security webpage) Trojan.PSPBrick arrives as an archive file named EXPLOIT 2.0 PSP Team V1.RAR which consists of the files overflow.tif and h.bin. Instructions call for the file h.bin to be placed in the root of a USB device and overflow.tif in the folder /PSP/PHOTO/. This archive may also contain a text file called PSPTEAM.NFO. When executed, Trojan.PSPBrick performs the following actions: Deletes the following critical system files: /vsh/etc/index.dat /kd/loadcore.prx /kd/loadexec.prx flash6:/kd/init.prx Notes: These files are required for restarting the Playstation Portable device correctly. Displays the following message: "Your 2.0[REMOVED]oot " "Thank you P[REMOVED]ch team" "Fu[REMOVED]ooser" Displays the following message, when the file overflow.tif uses an exploit to cause the execution of h.bin: "PS[REMOVED]2.0 firmware" "Thank's t[REMOVED]2.0 exploit Prevents the Playstation Portable device from restarting correctly once the Trojan is executed by exploiting the the Sony PSP Photo Viewer TIFF Image Handling Remote Buffer Overflow Vulnerability The lesson we have to get from this experience is"ALWAYS KNOW THE SOURCE WHERE YOU GET YOUR DOWNGRADER,AND GENERALLY THE STUFF FOR YOUR PSP" __________________ A language that doesn\'t affect the way you think about programming, is not worth knowing - Alan Perlis

10-15-2005, 10:41 AM	#2 (permalink)
ExaSpidey Former 12th Squad Captian Join Date: Aug 2005 Location: Arlington, Tx Posts: 757	It's great that you told everyone what EXACTLY the Trojan.brick virus thingy does. But next time PLEASE post the information in the correct thread. You didn't need to start a new thread about a subject that's already covered in another thread. LOCKED __________________ Go ahead.....CLICK my sig! Life's Little Questions! * = unsure about spelling

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode