Details of the promiscuous and dark side of pirated games for the Nintendo Switch

Published on November 19, 2018

Details of the promiscuous and dark side of pirated games for the Nintendo Switch

Original author: Joseph Cox
  • Transfer

Hostility, mutual file theft, Nintendo servers durability test - the usual things of the growing hacking and piracy scenes for Nintendo Switch




There was no chance that the source of the leak could be traced. Someone, perhaps a professional game reviewer, helped merge a copy of Diablo III, a highly anticipated game for the Nintendo Switch, at least a few days before its official release. The source used an intermediary who released the game for distribution between pirates.

The approach to hiding the source of the leak with the help of an intermediary was the right way to release games before they were released, “before appearing on the streets” - this is how one of the pirates wrote, judging by the chat logs of a private group in which several dozen Nintendo Switch pirates are. Whoever the source, over the past few months, he has released other games, including those that appeared at the pirates two weeks before the official release. In another case, the pirates were able to get Dark Souls: Remastered, another highly anticipated game ported to the Switch.

“They follow one after another,” a source belonging to one of the small chat rooms dealing with Switch told our publication in an online chat.

For each free distributed pirated version of the game is worth a lot more.

“Welcome to the Switch scene. Passions here are boiling! ”The source added. We promised anonymity to some sources so that they could more frankly talk about closed communities and illegal activities without fear of punishment from other members; other sources asked to remain anonymous because their employers did not allow them to communicate with the press.

The Pirate Switch Community - most of which work in the game-oriented chat application Discord - is full of genius, technical breakthroughs and constantly evolving cat-and-mouse games between the Nintendo billion-dollar company and active hackers who like the company but illegally steal its games . Pirates use malware to steal files from each other in order to be able to download more games. Groups specifically inject code into other console systems so that they do not work. Some of them zadoksili - that is, published personal data on the Internet.

How do pirates get access to switch games


Pulling games for the Switch is not a trivial task. There is a complex and constantly working supply chain that helps people get and play unplayed games. There are reverse engineering experts who dig out the way Nintendo’s tools work so hackers can use them to their advantage. There are coders who write programs to speed up the process of downloading or launching games. Reviewers, developers, YouTube with access to games earlier than regular users, often disclose unlock codes or other information to small groups, which can flow from there to wider masses. These small groups may have access to niche leaks that are rarely available to the public, such as demos from Nintendo Kiosks servers, which are consoles designed for special events.. One source showed us the Switch prototype documents from the developer meeting last year.

To release a game, pirates can take a copy from the physical cartridge; they can do it before the official release in the USA by ordering a cartridge in an Australian store where games go out earlier because of the time difference. However, this gives a head start only a day or two before the official release. In search of more valuable and earlier dumps, pirates often manage to get a copy from Nintendo eShop, a digital game store built into Switch. To do this, the pirates, most likely, use specially written software that communicates with Nintendo servers, as one of the pirates who download large game archives explained. Sometimes files can be downloaded earlier than anyone else (as intended), they are encrypted and require a special titlekey key to unlock them. However, review authors or pirates with connections often get these keys earlier and then share them. It is important that the keys are not unique,

JJB, until recently, the administrator of the largest chat in the Discord piracy games for the Switch, called WarezNX, said that the pirates managed to get to parts of the Nintendo infrastructure, usually closed to ordinary Switch users.

This includes several internal company servers, one of which, for example, contains various versions of the Switch OS. To connect to these usually inaccessible servers, files were used that fall into the Switch Development Kit software suite , which usually only game developers have.


A snapshot of a document allegedly intended only for developers under the Nintendo Switch.

To play a pirated copy of the game, something more is required.than just download it. Pirates need to put Switch into recovery mode, and this requires physically shorting the two pins inside the console with a clip. After that you can download [maybe just open / approx. transfer] boot menu where you can run software that is not authorized by the company. They also need to get another program that will allow them to install pirated games on their own.

On the largest Discord servers dedicated to pirate games for the Switch, thousands of participants are registered. Many are well organized and friendly; many have a bot that, upon request, sends a message to the user with links to Google Drive containing heaps of games, updates and other downloadable content.

The company decided not to comment on this situation for us, but it has long been working to complicate the use of pirated games. At the time of the release of the console in one of its chips, Nvidia Tegra X1 , there was a fatal flaw that allowed hackers to gain broad authority to control the console. Since July, Nintendo has released corrected versions of the console. In October, the company tweaked the console-server interaction procedure, cutting off the beaten track for piracy. Now the developers of the tools that extract data from the company's servers keep it secret, worrying about the fact that with their wide distribution, Nintendo will be able to release patches against the technologies they use.

“It's amazing that they got to the patches only now, because the same vulnerability has been used for years for piracy on 3DS and Wii U consoles,” said one of the pirates who downloaded large archives.

JJB told the editorial staff that their hacker community is engaged in reverse engineering "the company's internal content to help improve the scene."

“We mostly remain in the shadow because of legal problems with our activities,” he added. By providing shadow leaks, we are trying to improve the speed of development. ”

Nintendo is notorious for its aggressive intellectual property protection policy, including bans on recreating games and hacking warfare.

"The piracy of video games is illegal," it is written in a post.on the official Nintendo website. “Nintendo opposes people gaining an advantage and selling the creative work of game developers, artists, animators, musicians, motion capture experts and other people.”

In some aspects, the company is still behind the pirates. A pirate who downloads game archives says that Nintendo prohibits only downloading files with certain keywords in names, for example, “Donkey Kong,” “Mario” or “Zelda”. He says that the pirates simply correct the names, changing “Nintendo” to “Ninbendo”, and have no problems. He considers Google to be the biggest problem. He shares games through Google Drive, and the company responds very quickly when the user starts to consume large amounts of traffic.

Nintendo's position does not stop piracy. It shifts the dynamics of the groups behind the pirated tools. But not all pirates are on the same side.

Dishonest pirates


Simon develops software called DAuther, which is used to generate an authorization key, which is used to connect to Nintendo servers. It can be used to receive game update notifications from Nintendo, as he explained to us. But it can also be used for piracy.

Each Switch has its own embedded certificate for accessing Nintendo servers - this is how the company knows which console it is talking to. If the company catches someone downloading games that are not his own, she can ban this certificate and, therefore, the pirate console, after which he will not be able to download games officially and play online. Therefore, certificates are a popular item in the pirate community.

Recently, someone distributed a copy of DAuther on the 4chan forum, according to Simon, and several posts on 4chan and Reddit. This copy was found to be malicious; she stole the user's certificate and uploaded it to the hacker's server. Simon believes that the malware that stole the certificates was intended for mass piracy.

“Its authors needed a lot of certificates, because they knew that Nintendo would catch them and quickly ban them,” Simon told us. Simon went on the attack on the authors of the malware, and wrote a program that uploads "random crap" to the hacker's server, which should potentially overload it, as written on Simon's GitHub . One Reddit user went ahead, and published the visible personal data of the server owner, which the moderator quickly deleted.

“The switch scene is now reminiscent of a fire in the trash, such tricks happen often,” said Simon.



And there is also enmity and conflict among more formal pirate groups. Team Xecuter, a well-known pirate group that also developed utilities for the Xbox and Nintendo DS, released a version of the program for Switch that allows people to play pirated games and gives more control over the console. According to Mike Heskin, a security researcher who concentrates on the Switch, this program has code that turns the Switch into a “brick” when trying to copy it without paying (Xecuter sells its programs). Heskin also accused Xecuter of stealing code from the free Atmosphere program he was working on .

In a letter to us, a representative of Team Xecuter dismissed allegations of having code that corrupted the console, and said that the program simply blocked the console and required either a password or an update (Heskin managed to bypass this block in June). He also described this blocking as more intended to be called to hackers who stumbled upon their own anti-piracy measures Xecuter - a “harmless cat-and-mouse game” between hackers and competing pirate teams.

“Most of this was due to the hated hackers who wanted to achieve what we were able to do, who did not like the fact that we make people pay for our product because most of the hacks are free,” he added. Xecuter also does not deny accusations of stealing the code from the Atmosphere, saying that "we were inspired by this work and the available documentation", and "we are far from copy-pasting."

JJB, the former admin of Discord, told about other cases in which pirated utilities blocked consoles, but this was done in order to teach people “not to run any random crap downloaded from the Internet”.

Sometimes fights between pirate teams and researchers harm ordinary consumers. “Because of that kind of shit, I’ll have to wait until the scene calms down — there’s too much chance that my console will be hacked or blocked by all sorts of goats,” wrote one Reddit user in a thread dealing with Simon’s tool.

A source with access to the chat logs of a closed group of hackers said that "people constantly leave or join the scene in response to all disputes and quarrels."

“Honestly, it's all remarkably toxic.”


Conflicts such as Xecuter said are pretty harmless. In the worst case, someone will refuse to work Switch or it will be banned on the servers of Nintendo. However, some parts of the community descend to aggressive and targeted persecution of individual members of the community.

One of the hackers talking to the editors faced a wave of insults in Twitter personal messages when he was pinched. He said that he was also persecuted, while other members of the community aggravated doxing, which led to an increase in aggression. Doxing in this case was used, in particular, in connection with transphobia, judging by the hateful comments that accompanied posts with the disclosure of personal data.

This hacker said about Switch hacking and piracy communities, that “frankly, all this is surprisingly toxic”.

“I have long believed that the problem was the end users, people who wanted to use vulnerabilities for piracy. But it turns out that among hackers, reverse engineering specialists and vulnerability developers, there are also a lot of terrible people, ”he added. A few more sources also pointed to various cases of doxing.



Among them are cases of disclosure of data of people who signed a non-disclosure agreement with Nintendo, according to JJB, a former WarezNX Discord administrator, who closed the server in October.

“I could not allow this evidence to remain available,” he explained just before closing the server. JJB did not explain what motivated doxing, but said that it was due to “internal divisions, and some people use it as a way to get something they wouldn’t have otherwise.”

Communities cannot last for long if doxing and hacking occur, at least in its current form. In particular, because of this, WarezNX has moved into a more private mode, away from thousands of other Nintendo fans who have flooded the Discord.

"This happens from time to time, almost cyclically," added JJB. “As soon as communities like WarezNX expand and become public, their lifetime is numbered.”

And this server iteration is currently offline.