Are Emulators Causing a Silent Release of Malware on Developer Machines?

SecuritySane - Aug 18 - Dev Community

Emulators are great fun. Don't get me wrong: they are amazing pieces of software that showcase the advances we have made today.

You can play any game from any platform from 20 years ago on your PC or Smartphone using an Emulator.

However, with all of the fun, there is a small but VERY present risk of silently introducing malware on your machine because of them.

But wait!

If you check, these Emulators have millions of downloads and no major fiasco has happened. That holds only until you download one from an official-looking website.

Sometimes these websites bundle the Emulators with spyware, Trojan horses and other harmful scripts that you don't even know are running on your machine. These cause serious data breaches.

ROMS and ISO Files Galore

When you have an Emulator, you need ROM files and ISO files to run it. Hackers can easily modify and manipulate these files to include malware, and you will never know it! Sometimes developers also ask you to whitelist their Emulators because they are safe (and most are, if downloaded from a safe place), but when users go to an unofficial site, the issue appears!

Furthermore, Emulators also require elevated permissions to run, which again is a security risk. You should also remember that downloading ROM files is illegal unless you have explicit permission to do so from the copyright holders.

Most Downloaded Emulators and The Impact

There are Emulators in every shape, size and form you can imagine. As an example, the Nintendo Switch has many available, including Suyu Emulator, Ryujinx Emulator, Yuzu Emulator, Egg NS and Torzu.

Collectively they have had millions of downloads over the years. Just imagine the damage these could have done (again, not across all of those downloads, just the small percentage that came from unofficial sources).

The Developer Aspect

I get it, we love to contribute our skills to open-source projects. However, this is where issues like the above can sometimes trap an honest developer into introducing malware on their machine. This can lead to wider breaches, as Developers have higher access on their machines (elevated permissions) and sometimes those machines are work laptops too :)

Mitigation and Safety

To protect yourself from such an overlooked issue, just download them from an official source and not from any other sites you find on a search engine. It is worth going on GitHub and seeing whether they have a repo, whether that repo points to the official website, and whether the codebase or files match; a quick MD5 checksum verifies this. Stay safe folks!
