PlayStation 4 users are claiming that they are receiving messages that are preventing them from using their consoles.
In several threads on the r/PS4 Reddit board, users are reporting that they are receiving messages through the console’s messaging application that are hard locking their consoles. The stories all follow a similar pattern: users receive a message, their controllers and sound outputs fail, and resetting the console results in continual error loops.
While the exact cause is unclear, many users in the Reddit thread have likened the exploit to previous messaging exploits such as this one from 2015 in which a unique string of characters could crash an iPhone. In describing the PS4 message, one player wrote that it was merely a question mark in a box, suggesting that the malicious messages cannot even be displayed by the PS4.
Some users have claimed that doing a factory reset will delete the message and fix the problem, while others have claimed that the only way to fix the error is to delete the message using the PlayStation mobile app or by logging into the account from a browser and deleting the message that way.
It does seem that the exploit is purely text-based, so changing your PlayStation messenger privacy settings should prevent it from happening. You can do that by going to Account Management in your console Settings, heading to the Privacy Settings submenu, and changing Messaging settings to “Friends Only” or “No One,” meaning that only your pre-selected friends or no one at all can message you.
Kotaku has reached out to Sony for comment but they did not respond in time for publication. We will update this story in the event that they do.
Comments
9 responses to “PS4 Users Are Claiming That Malicious Messages Are Breaking Their Consoles”
Been following this on Reddit and I believe that users sending out these messages should have their consoles/accounts banned. Permanently trying to brick other users' consoles is a scummy thing to do, so Sony should ban them.
Totally agree. Full system and account ban.
Ok but how does that fix the issue? If people are sending these then there is a fair assumption that they know how to spoof their MAC address or any identifier Sony needs to ban a console.
I disabled all messages after seeing this yesterday.
How does that even work? It’s a text message, or some code hidden in it? How does that get at the operating system? Genuinely curious, just seems amazing that a string of text delivered through a message could have this effect.
@bass400 It sounds like an XSS (cross-site scripting) exploit. Basically, the attacker has found a way to insert certain characters into their message (perhaps by using the PlayStation app) even though those characters should be protected / disallowed. At worst this allows a method of injecting (programming) code into the system, but more likely the system is just unable to cope with the unexpected message and “locks”. Quite frankly this is something that should have been identified in penetration testing.
Go watch the story on the iPhone crashing (which was referred to in the story) for an idea https://youtu.be/hJLMSllzoLA
Basically, it comes down to bugs in the text handling routines.
There are a lot of hidden characters that you cannot see in text. Line breaks (CR/LF) and tabs are examples. It’s quite possible that the code for handling the text does not react well to unusual hidden characters.
Wouldn’t be surprised if an inserted NULL character could be responsible for this. The routines for handling the text message may assign a memory buffer that calculates the message size up to the first NULL, and then the actual received data overflows this buffer, causing havoc to the variable stack. It’s a typical programming error, although good programmers generally know better than to make this sort of gaffe.
Your question is a great one, but the explanation is incredibly complex and digs into the low-level operations of a computer.
The exploit involves sending non-text content in a message. The problem is that when the computer [PS4] opens a message, it expects the data to be text, and runs through any number of functions to display it on your screen. But what happens if the data isn’t text? The function fails to process it correctly and that’s when things can get messy. Handling [or mishandling] of exceptions is one of the cores of computer security. With enough knowledge of the inner workings of the system [and with a system with poor exception handling], you can craft data in such a way that when a function fails you can “break out” and start to run wild. Sometimes this can be fun [if you have ever seen videos of people using an exploit in a Game Boy or SNES game to reprogram it into other games, for example], sometimes it can be used for malicious reasons like infiltrating a system or installing malware. Or, in cases like this, it can be used to write data somewhere it’s REALLY not meant to and corrupt the system.
Because the PS4 is a closed system, perhaps some engineers at Sony assumed that only PS4s would be connecting to the network. If you have something like a jailbroken PS4, you could modify it to insert whatever data you like within a message.
Thanks, great answer (and the others above).
Rendering text is surprisingly difficult if you try to support more than just English. At the simple end, you’ve got multi-byte character encodings where different characters can take different numbers of bytes to represent. You’ve got cases where a single glyph is used to render a sequence of characters (e.g. ligatures like “ff” in English, blocks in Korean Hangul, etc). You’ve got cases where multiple glyphs are used to render a single character (e.g. the accents used in European languages might be separate glyphs from the base letters).
You’ve got cases where some languages are written right to left, and you might even mix LTR and RTL text in a single sentence. There are even special code points so that you can e.g. force RTL rendering of English text or LTR rendering of Arabic.
All of this is driven by simple Unicode text as found in the messaging app. It’s not that surprising that someone found a vulnerability.
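The comments above point at text-handling weaknesses: hidden control characters, an embedded NULL, and Unicode features such as RTL overrides and stacked glyphs. As an added illustration (not part of the article or any comment, and not Sony's code), here is a defensive check a messaging service could run before handing a message to a renderer; the function name, limits and sample messages are assumptions constructed for the example.

```python
import unicodedata

# Bidirectional control code points: embeddings/overrides, isolates, marks.
BIDI_CONTROLS = (set(range(0x202A, 0x202F)) | set(range(0x2066, 0x206A))
                 | {0x200E, 0x200F, 0x061C})
ALLOWED_CONTROLS = {"\n", "\r", "\t"}
MAX_COMBINING_RUN = 4  # assumed policy limit, not a platform value


def inspect_message(raw, max_chars=512):
    """Return the reasons to quarantine a message; an empty list means pass."""
    try:
        # Strict decoding rejects truncated or overlong UTF-8 sequences.
        text = raw.decode("utf-8", errors="strict")
    except UnicodeDecodeError as exc:
        return [f"invalid UTF-8 at byte {exc.start}"]

    findings = []

    def note(reason):
        if reason not in findings:  # report each reason once
            findings.append(reason)

    if len(text) > max_chars:
        note("message too long")
    run = 0
    for ch in text:
        cat = unicodedata.category(ch)
        if ch == "\x00":
            # A NUL makes length-by-terminator and received length disagree.
            note("embedded NUL")
        elif cat == "Cc" and ch not in ALLOWED_CONTROLS:
            note(f"control character U+{ord(ch):04X}")
        elif ord(ch) in BIDI_CONTROLS:
            note(f"bidi control U+{ord(ch):04X}")
        elif cat in ("Cn", "Co"):
            # Unassigned or private-use: no font is expected to have a glyph.
            note(f"unrenderable code point U+{ord(ch):04X}")
        # Long runs of combining marks stress glyph shaping and layout.
        run = run + 1 if unicodedata.combining(ch) else 0
        if run == MAX_COMBINING_RUN + 1:
            note("excessive combining marks")
    return findings


# Constructed sample messages, not taken from any real incident.
SAMPLES = [b"gg, rematch tomorrow?", b"hi\x00" + b"A" * 8,
           "abc\u202edef".encode(), b"\xff\xfe", ("a" + "\u0301" * 10).encode()]
if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample, "->", inspect_message(sample) or "ok")
```

Messages that fail the check are better quarantined than silently rewritten, so the recipient's client never has to parse them.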