The Nintendo Switch has had hacking exploits in the past. While this is nothing uncommon, hacking to alter other user’s experiences online is usually much harder to do. Hackers have found a way to modify their own avatar on the Nintendo Switch, allowing them to abuse the exploit online.
This exploit has cropped up in Super Mario Odyssey, within the game’s recently added Luigi’s Balloon World mini-game. This allows users to hide a balloon in a level within a short time limit, and in turn other users online attempt to find these balloons in the same time-span.
These balloons feature the user’s avatar from their Nintendo Switch account, appearing on the side of the balloon. This avatar is supposed to be selected from a limited selection of images in a gallery featuring Nintendo characters or the user’s own Mii avatar.
Reddit user ewasion posted to /r/NintendoSwitch (a fan-run community, not an official Nintendo subreddit) noticing that some of the balloons had pornographic imagery on them.
The user has called for parents to disable the Nintendo Switch’s online functionality until the matter is resolved. User SwimmingTerm proposed why the user or users might be doing this:
“The people doing this are probably trying to get banned,” the user said. “They’re doing this to [expletive] with people and possibly to send a message to Nintendo about security. Not saying they shouldn’t be responsible for their actions, but banning is probably not a punishment for them.”
There have been unconfirmed reports from Switch hacking communities prior to this incident that Nintendo were already banning users with hacked Nintendo Switch consoles, preventing them from being able to go online.
Super Mario Odyssey is now available for the Nintendo Switch. In case you missed it, you can find our review for the game here (we highly recommend it!).