New Xbox One hack uses voltage spikes to bypass security

At the RE//verse conference, cybersecurity expert Markus Gaasedelen revealed a new method for hacking the original Xbox One. The console, launched in 2013, had long been considered well-protected against such attacks.

The technique, dubbed The Bliss Hack, differs from software exploits by requiring physical access to the device. The researcher found that brief voltage fluctuations during system boot can bypass built-in security mechanisms.

This attack targets the 64 KB bootrom memory area, which handles initial system verification at startup. Using two precisely timed voltage spikes, the researcher managed to compromise memory protection and gain control over code execution early in the boot process.

The resulting access enables decryption of games and updates, along with running unsigned code at all levels of the console's operating system. Gaasedelen emphasized that his research focuses primarily on preserving gaming heritage and studying older device architecture, rather than promoting piracy.

Implementing the method requires soldering several wires to the motherboard and using an additional microcontroller to deliver specific signals at the right moment. Importantly, the researcher noted that the attack reliably works only on the first version of Xbox One. Later models—Xbox One S and Xbox One X—feature enhanced protection systems, and the method's effectiveness on them remains unconfirmed.