EZ-Flash USA Forum

There is a fake rom loader that will mess up your DS if you have already run FlashMe on it. The sad/strange part is that DarkFader was the one who wrote it!!!!! It goes by the name R0mloader.nds and is probably renamed to many things now. If you happen to run this on your DS then there is a way to reflash the DS. Hold down A+B+Select+Start when you are booting up and it will automatically boot from the GBA side where you can have FlashMe to reflash your DS.

Note: this doesn't just affect the DS... It kills the GBAMP and Supercard (which are then useless unless you have soldering skills, etc).

Thanks Cracker. I saw this last night, and didn't think to warn people here.

I think I can see Darkfaders reasoning - to a degree - but what honestly drives one of the hardest working NDS hackers to make something like this ?

Maybe he was tired of seeing all the kiddies out there leaching roms and the like and using his hard worked hacking skills and software put to nothing more than being a warez monkey.

The sad news now is, as cracker has pointed out, this thing is out there, in more than one form (I believe two actual different sized apps/roms are floating about) and many many people will get caught.

Will people be able to trust Darkfader again ? I for one would certainly question any applications that come from him. Even sites that he's associated with where you can patch your DS firmware, I'd be skeptical of using it now. Who wants to break a $200 "entertainment investment" ? Certainly not me.

I'll edit this thread to be an announcement for a short duration to ensure that everyone here can see it.

Please feel free to comment.

If it is darkfader it is very sad indeed however various people have had their screen-name misused or had similar things happen (gabsharky virus anyone) and the leaking incident of the closed beta early stage DS emu a while back so I intend to keep an open mind until things get resolved. (interesting how major news sites pick up on the PSP trojan and not the DS one).
Edit: a major news-site did on fact pick up on it http://www.theregister.co.uk/2005/10/12 ... do_trojan/
Darkfader was supposedly on IRC telling people not to use it too.
I really hope this does not have a lasting chilling effect on the DS scene homebrew and otherwise, looking at the PSP scene though despite the lack of updates to emulators and applications it still seems to be going strong even with new the trojans there and even more look at the PC virus stuff.
It may be wise as a precautionary measure to post the EZ3 DS loader at this site for the time being too.

Unfortunately (or fortunately as you may see it) I have been unable to find my U.V. box so I have no passme and having just recently just moved house and splashed out on a DS I have no funds to get a compatible wificard with, not to mention I can not find any reputable shops around here that stock the cards, they all seem to be 802.11g though which is nice and not as though I would buy a semi redundant piece of hardware.

I do however fully intend to get myself an EZ4 (I will probably get the biggest standard version I can get at the time) though as soon as they become available unless they are of poor quality which looking back over the EZgroups past products is doubtful.

Here's an IRC log of his original distribution. Notice that he got voice upon re-entering the channel (if you know what that means). This means that his address was recognized automatically by the bot/person so it couldn't have come from a different person unless they were using his computer (or a computer on the same network depending on how leniant the mask is) and not to mention having skills... I think it is more probable that it is the real DarkFader considering these things...

Thanks for that info cracker.

I only read part of the log, but I recognise chishm from another forum I've frequented in the past. So I'll add my "this is legit" to the pile already floating around.

Why chishm would opt in on that and not condem Darkfader for making it, I'm not sure. Too many people adopt the "I'm smart enough not to run it, so should you be", well we're not all "in the loop" with the coders out there, so we don't all know what is legit enough to run.

Now it seems we have to watch what apps come from Darkfader and whether any regular DS user can trust him again. I for one won't bother with his stuff anymore.

Mirrored

Darkfader has made a post on his site apologising for his actions so I guess it really was him that done it.
The only possible way I could justify it (or any other malware coding) would be if it was a closed source and undistributed and only for a proof of concept.
If it was really to mess around those who only use it for "romz" then I have no sympathy for darkfader at all.
It is not even as though darkfader was the only one responsible for the DS piracy scene: look at all those others involved with the passme's design and improvement and the loader/patcher that was made.
As this board deals with the EZ3 which Darkfader made a DS loader for I uploaded the file to my site and here are the hash values for the clean loader and the original zip.
The EZteam should have a new loader any day now (which you will be able to get at this site very shortly after its release if not at the same time) but until then
http://anonym.to/?http://members.lycos. ... ezf3me.zip
For those that do not know how to do a crc check there are programs but if you have a good compression program like winrar or 7zip the files will have a crc value most likely in the right hand side of the screen as for the other hash values they are pretty much pointless but some people like them more.
ezf3me.zip:
crc-32: 962F68B1
md5: C6D4EA6378ECC78FD0598A3D28571708
SHA1: BCA1970CC3D3E7FC2154D429AD14F143AB71DA27

loader.bin
CRC-32: AAAA01F8
MD5: 0E68DF9552313471A49BFB94494E7E65
SHA1: 7E63912FC8ABA3DBE8086862101C87FF097ACEBF

It's interesting what you say... Yes it was him, and admitting it rams it home just a little more.

Closed source and proof of concept should mean that he talks about it on his site and goes no further. Since they are able to write to the firmware using passme to create flashme, then erasing the firmware isn't any harder. Adding a few porn pics doesn't make it any better. I still don't see what this guy was thinking at the time !?

As for just using it to mess with those who only use it for romz, well, I recall reading that Darkfader was a member of the warez group Golden Sun Team (GST). It was only recent I read this, and I found the link to the info Here. So what's his excuse now ? He actively uses his own devices to pirate DS games and spread them, and then decides that he'll write a "rom loader" that destroys DS's.

DarkFader's apology.

*cough* tool *cough*

wait, is this the second time he's done this sort of thing? This time it only breaks supercards and GBAMPS? Glad I sold my supercard. This guy is a punk. I swear he has a split personality. If this news is new, then he ahas already donef something like this becuase I remember seeing an appology on his site like at least three months ago.

Hehe, you notice the dates on the posts directly above yours?

LOL wow. that's hillarious. for some reason i thought this was a new post. oh and by the way, that's quite the collection of flash carts you have. Are you gonna add the supercard lite to your collection. I got ez4 already but am pretty psyched about sclite.

Does this mess up ds's using EZV?

This topic is two years old.
1. This threat has been contained as far as I know.
2. As the post says, it only affects Flashme'd DSes.
3. It wasn't designed to ruin EZV, and DSes do not need to be flashed to run EZV since it is a slot 1 card that runs normally from the DS. It was designed to ruin Supercard and some other older cards.

1. correct, haven't seen any new occurances of taihen or romloader type trojans. Firmware recovery is now possible on the affected cards that had no permanent solution on them (supercard)

2. are you sure about that? I know it definitely erases the unprotected area of a flashme'd DS's firmware (I tried it a while ago to see if full recovery was possible on SCSD and DS fat), which can be recovered because of flashme, but it could quite likely do the same thing on a non-flashme ds rendering it entirely inoperable without reflashing it with a chip writer of some sort. I also remember some people with unflashed DS' not being able to recover them without hardware methods, though that could have been botched flashme installs I am thinking of.

3... yep. I'd be more worried at this point about water ruining a EZ5 than the old trojans.