Wii, cellphone net surfers face attack risk: researcher
Last Updated: Monday, April 23, 2007 | 4:18 PM ET
CBC News
Related
External Links
(Note: CBC does not endorse and is not responsible for the content of external sites - links will open in new window)
People who surf the internet with Nintendo's Wii video game console or on some cellphones may risk seeing their devices crashing or being hijacked, security experts say.
According to researchers at security software company McAfee Inc., the potential problem stems from a flaw in versions of the Opera web browser that may be in use on the Wii or come preinstalled on some cellphones, or that are available as a free download from Opera Software ASA of Oslo, Norway.
"Don't worry — your Wii is not in grave danger," David Rayhawk wrote in a cautionary note posted to the security firm's McAfee Avert Labs blog on Friday.
| Net security jargon |
|---|
|
BOTNETS are networks of computers that have been hijacked by malicious groups or individuals to do their bidding. Their owners are usually unwitting victims who have no idea their machines have been infected and turned into so-called zombies. Botnet operators often rent time or bandwidth on their networks to spam e-mail marketers and phishing scam artists. MALWARE is a catch-all term for malicious software such as computer viruses, spyware and so on that compromise the security or function of people's computers. Phishing is a technique in which criminals try to trick people into disclosing sensitive information such as online banking names and passwords and is often conducted through e-mails. TROJANS are programs that appear to perform one function in order to hide a malicious one. Like the mythological Trojan horse such programs are named after, the deception tricks people into granting them access to a computer. ZOMBIES are computers that have been hijacked by attackers to perform commands and functions issued to them, often without the owners' knowledge. They are typically infected by Trojans that enable attackers to use them in a botnet, which are used to distribute spam phishing e-mails, or viruses and Trojans that let them hijack other computers. An infected computer is sometimes referred to as a bot — short for robot. |
The security vulnerability in versions of the Opera browser prior to version 9.10 stems from the way in which the software handles specially crafted or corrupted JPEG images. The problem can cause the program to crash, exposing machines running an unpatched version of Opera to attack.
The risk to the Wii is only found in the original or trial version of the console's Internet Channel that was available before April 12, according to Rayhawk.
Although there are no confirmed reports of people's Wii consoles being taken over in this manner, the exploit is similar to ones used on desktop and laptop computers that can allow an attacker to gain control of a machine and remotely run software used in phishing scams or botnets, for example.
"Folks that have downloaded the original Internet Channel for the Wii have this vulnerability," he wrote. "That means it's theoretically possible to run malcode — and according to the hacker conversations they are trying hard to do exactly that."
Rayhawk explained that the console's browsing software can only be updated manually and that users should do so as soon as possible.
But the risk doesn't end there, he said, noting that McAfee researchers were able to use the vulnerability to successfully crash the browser on cellphones running Opera.
Opera may come pre-installed on some Nokia and Kyocera cellphones. Versions of the browser are also available for phones that run on the Symbian Series 60, Microsoft Corp.'s Windows Mobile, and the UIQ operating systems.
Nokia cellphones run on Series 60, while Windows Mobile is used on Motorola Inc.'s Q, Palm's Treo 700wx and other devices, and UIQ handsets include phones by Motorola and Sony-Ericsson.
No phones offered by Rogers Wireless or Bell Mobility come with Opera pre-installed, company spokespeople told CBC News Online. Spokespeople for Telus did not immediately respond to CBC's inquiry.
An Opera spokeswoman told CBC News Online that the company was looking into the matter.
CBC News Online was not immediately able to reach Nintendo spokespeople.
Share Tools
Top News Headlines
- Everest victim's husband says family not seeking government help
- The husband of a Toronto woman who died trying to climb Mt. Everest on Saturday says his family is not seeking government help to cover the cost of bringing his wife's body home. more »
- B.C. premier unhappy with disgraced Mountie's transfer
- B.C. Premier Christy Clark says she is not happy with the RCMP decision to transfer a disgraced Alberta Mountie to the West Coast. more »
- Henrique's OT goal sends Devils into Stanley Cup final
- The New Jersey Devils will vie for a potential fourth Stanley Cup in franchise history after defeating the New York Rangers in six games in the Eastern final, courtesy of rookie Adam Henrique's goal early in overtime. more »
- Employment Insurance review boards to be scrapped
- The federal government is scrapping two review boards used by people appealing decisions made about their employment insurance. more »
Latest Technology & Science News Headlines
- Unloading of docked SpaceX capsule to start Saturday
- The privately bankrolled SpaceX Dragon capsule made a historic arrival at the International Space Station on Friday, and astronauts will begin unloading some of the 544 kilograms of food, water, clothing and other supplies its carrying starting Saturday. more »
- South Africa, Australia to share world's largest telescope
- South Africa and Australia will jointly host the Square Kilometre Array, which promises to be the world's largest telescope, the international consortium in charge of the project said Friday. more »
- Bonavista, N.L., 'coyote' was really wolf, tests confirm
- Wolves have not been seen in Newfoundland since around 1930 and were believed to have been hunted to extinction on the island, but genetic tests have confirmed that an 82-pound animal shot on the Bonavista Peninsula in March was, in fact, a wolf. more »
- Once-rare argus butterfly thriving thanks to climate change
- Global warming is threatening the existence of many species, such as the giant polar bear, but in the case of Britain's brown argus butterfly, it took a species in trouble and made it thrive. more »
- Yahoo scraps digital magazine designed for iPad
- Yahoo has killed Livestand, a tablet magazine, just six months after its debut on the iPad. more »
Bob McDonald's Blog
Government to shut down unique fresh water research area May. 25, 2012 12:31 PM The Experimental Lakes Area research facility in Northern Ontario is being closed down after 44 years of providing invaluable data to scientists in Canada and internationally, a decision that has stunned researchers and environmental groups.
Quirks & Quarks
- May 26: Before the Lights Go Out May. 25, 2012 4:15 PM A new book, "Before the Lights Go Out: Conquering the Energy Crisis Before It Conquers Us", suggests that the unpredictable, unplanned, ad-hoc way our energy use developed in the past will shape our energy future.
Latest Features
- Aylmer triple stabbing leads to first-degree murder charges
- Everest victim's husband says family not seeking government help
- B.C. premier unhappy with disgraced Mountie's transfer
- Third B.C. salmon farm quarantined
- What a Greek euro exit could mean for Canada
- RCMP officer charged in fatal crash
- Canada ending 'Buffalo shuffle' for visas, closing consulate
- Reclaiming the dead on Mt. Everest
- Employment Insurance review boards to be scrapped
