Thanks To Hackers, Explicit Images Are Now Showing Up In Nintendo’s ‘Super Mario Odyssey’

Leave it to Luigi to ruin the fun for everyone.

Screenshot from Super Mario Odyssey trailer
Nintendo / YouTube

Leave it to Luigi to ruin the fun for everyone.

Gaming developer and publisher Nintendo has cultivated a reputation of being a family-friendly company, with most of their flagship titles carrying ratings suitable for all ages. In the past, they’ve banned controversial games from releasing on their platforms, and their system’s online capabilities are always designed with younger ones in mind. Much to the ire of some older games, the Nintendo Switch lacks voice chat and a proper messaging service.

Still, it seems some are determined to introduce some rather questionable content into Nintendo’s online ecosystem. As reported by Polygon, explicit images are now showing up in Super Mario Odyssey, the latest entry in the long-running platforming series. This comes as a result of a hack which was discovered earlier this week. Thankfully, it looks like the images are not affecting everyone.

The issue first came to light on the Nintendo Switch subreddit, where Reddit user “ewasion” warned parents to disable the online capabilities on their children’s Nintendo Switch consoles. The spread of obscene content is currently limited to Super Mario Odyssey and its free downloadable content, a mode titled Luigi’s Balloon World. In Luigi’s Balloon World, players are given the task of tracking down balloons that other players have hidden throughout the game’s many worlds.

This seems pretty harmless in and of itself, but the issue stems from player avatars. You see, the hidden balloons display an online avatar of the person who originally hid the balloon. For the most part, avatars show off pictures of Nintendo characters (which are included in the system, to begin with), or Miis, Nintendo’s avatar system that originally debuted on the Wii. Unfortunately, a few intrepid gamers have managed to set explicit images as their avatars.

So, how is this hack even possible? Well, it all seems to stem from a piece of software called DevMenu. Normally meant to be used by those developing software for the Nintendo Switch, hackers have figured out ways to load DevMenu onto standard, retail Switch consoles. By using DevMenu, one can upload custom, non-official avatar images, which has, in turn, led some uploading explicit images as their profile pictures.

In order to get DevMenu onto their consoles, hackers have been taking advantage of a security vulnerability present in the newly-released Pokémon Quest, a free-to-play Pokémon game which was released in late May.

Nintendo has yet to make an official statement on this issue. Those who are concerned can circumvent any obscene content by disabling their Nintendo Switch’s networking/WiFi features.