If you click on a link and make a purchase we may receive a small commission. Read our editorial policy.

Nintendo kills 3DS browser exploit via new firmware update

No more Pokémon Shuffle or ROM injection hacks.

Nintendo has issued a new 3DS firmware update that blocks a major web browser exploit.

Pokémon Shuffle's shop was hacked so that all purchases became free.

The hack had allowed users to inject code within downloaded games, allowing for a number of illegal uses.

A method was discovered to run pirated Game Boy Color ROMs with relative ease, for example.

Another piece of code changed the 3DS' settings so it became region-free.

Last week, an exploit emerged that allowed users to bypass paying for microtransactions in free-to-play puzzler Pokémon Shuffle, just days after the game's launch.

The web browser exploit was only available on the original 3DS, 3DS XL and 2DS. The New 3DS and 3DS XL models were immune to the method as they feature an updated browser app.

Nintendo's new system update 9.5.0-23, available from today, updates the 3DS web browser and closes the exploit loophole completely. For the moment at least, none of the above exploits are no longer working.

Will you support Eurogamer?

We want to make Eurogamer better, and that means better for our readers - not for algorithms. You can help! Become a supporter of Eurogamer and you can view the site completely ad-free, as well as gaining exclusive access to articles, podcasts and conversations that will bring you closer to the team, the stories, and the games we all love. Subscriptions start at £3.99 / $4.99 per month.

About the Author

Tom Phillips avatar

Tom Phillips

Deputy Editor

Tom is Eurogamer's deputy editor. He writes lots of news, some of the puns and makes sure we put the accent on Pokémon.


More News

Latest Articles

Supporters Only

Eurogamer.net logo

Buy things with globes on them

And other lovely Eurogamer merch in our official store!

Eurogamer.net Merch