A BreachForums member has claimed to have hacked Nintendo NX, the gaming console of the Japanese multinational video game company.
The person under the alias netbox, who claims to be 16 years old, said in a post that Nintendo’s developer portal and was hacked to obtain confidential information such as documents, development tools, source code, and backend code for Nintendo’s network.
“This is probably my biggest and most hyped-up leak of all time. I present to you the ultimate leak, a leak bigger than the Discord leak. This is the Nintendo NX LEAK,” read the post by the hacker.
The Nintendo Switch, originally referred to as the NX, was first introduced to the public in March 2015 as part of an announcement for Nintendo’s collaboration with mobile game developer DeNA.
For over a year and a half, the console was known by this codename before officially being named the Nintendo Switch.
The Cyber Express has reached out to the gaming company to confirm the claims made by the hacker.
Nintendo Data Breach
“I kept hacking until I got credentials for an account that had access to Nintendo Switch. I then began figuring out how their technology worked. I then found out that there was potentially up to 50GB+ worth of content hanging around on their CDN,” read the hacker’s post on the forum.
An application process guarded the Nintendo Switch section of the site, and the coveted content was protected by unbreakable encryption – a unique identifier (UID) that defied all attempts at discovery. The hacker claimed he resorted to using a tool that Nintendo had provided to its trusted developers, the NDI.
This online tool, designed for the creation of “developer environments” and management of dev hardware, was the key that unlocked the door to a trove of information. Documents, code for SDKs, tools, and more – the hacker was able to download it all.
The hacker also discovered files that were packaged in a format known as ZARF, which were impenetrable to most file explorers. The hacker was able to successfully unlock the files and documents within the encrypted Nintendo folders.
By bypassing conventional methods and utilizing a Windows 10 virtual machine, the hacker extracted the coveted ZIP files from the secure ZARF archives and acquired confidential content from the gaming giant.
“I could now download everything without installing it the legitimate way, which allowed me to build this leak in the first place. All of this was done under a Windows 10 virtual machine, a pain in the ass. But now I’m bringing it to you!,” the hacker wrote while concluding the post.
Nintendo data breach: What data has been compromised?
It is not new when a hacker aims for an online presence instead of ransom or monetary benefit. Some cyber criminals hack into companies to prove their worth and skills to online communities, which seems to be the case in this particular incident as the 16-year-old hacker has showcased his skills by demanding any payment. However, those downloading the data do require a decryption key.
The compromised data includes the following information:
- Documents related to the inner workings of the NX system (NX is the codename for Nintendo Switch)
- Development tools related to game development of Nintendo (Nintendo SDK and Unity for NX)
- Source code related to tools by Nintendo that is used in many Nintendo Switch games!
- Backend code for Nintendo networking (NPLN, NEX, Pia)
- Graphics, files, and other important data
The hackers intended the recipient to enjoy the leaked information without expecting compensation. The individual suggested spreading awareness of the leak by making it a trending topic on social media with the hashtag #NXLeaks.