This crack sounds too scary to use. Impressive, but scary.
As usual for any DRM company or publisher, Irdeto also claimed that downloading games with the bypass is a security concern, but this time around, the company has a valid point.
Using the hypervisor bypass, even in its latest incarnation, requires users to… [install] a community-made hypervisor (HV) with Windows running on top of it. This HV fakes responses to the checks that Denuvo makes, and runs with higher permissions… than the operating system itself and has full, nearly untraceable access to hardware and software.
I wouldn’t touch this without air-gapping the machine it’s run on. The funny thing here is that Denuvo can’t do much to prevent this hack.
The HV is intentionally malicious and modifies the guest on the fly to archive the Denuvo hack. The hack requires to disable all major security protections in the victim OS, so the HV can more freely poke at the victim kernel. A jne-instruction to check if running under a compromised HV? It’s now a nop-instruction.
The HV has access to everything that is plugged in physically, or run on top of it. In theory it e.g. extract encryption keys of https connections from any process in the guest.
The problem with well-coded malware is it won’t execute unless it thinks it’s not being watched. And based on everything else in this article, it sounds like you’d also be opening your computer up to other parties exploiting security holes in the process.
So a separate computer might work, but it would have to stay separate.
The exploit completely guts and opens up your system to pretty much anything. More access than even denovo.
Use the included scripts (or manually do it yourself or make your own script) to re enable everything after you’re done playing the game and reboot the system. I’d also leave the router unplugged while you play. This denovo bypass seriously leaves your system super unsecured. Only get your games using this exploit from very trusted sources and don’t be lazy about enabling everything again and rebooting before plugging back into the internet.
This is not scary at all. You must trust any code that you execute on your computer. Pirated games, if they were malicious, can already get whatever they want done on your computer, because you are giving it arbitrary code execution privileges. Fortunately there is a vast network of p2p and scene crackers that are trustworthy, who you can trust (even more so than some publishers) to respect your user rights.
The level of access hardly matters. If you were a malware developer masquerading as a legitimate cracker, there are many privilege escalation tricks you can use once you have any amount of access to a machine. And even if you didn’t, the lowest level of access is typically enough to do financial crimes (stealing browser cookies to access your bank account, or ransoming your documents folder).
This crack sounds too scary to use. Impressive, but scary.
I wouldn’t touch this without air-gapping the machine it’s run on. The funny thing here is that Denuvo can’t do much to prevent this hack.
The HV is intentionally malicious and modifies the guest on the fly to archive the Denuvo hack. The hack requires to disable all major security protections in the victim OS, so the HV can more freely poke at the victim kernel. A
jne-instruction to check if running under a compromised HV? It’s now anop-instruction.The HV has access to everything that is plugged in physically, or run on top of it. In theory it e.g. extract encryption keys of https connections from any process in the guest.
Well, you could potentially get a cheap office special PC to use as a guinea pig. (Depending on what it takes to run this software)
The problem with well-coded malware is it won’t execute unless it thinks it’s not being watched. And based on everything else in this article, it sounds like you’d also be opening your computer up to other parties exploiting security holes in the process.
So a separate computer might work, but it would have to stay separate.
If you think that’s scary wait til you hear about what it’s circumventing is capable of.
On a technical level… Less.
The exploit completely guts and opens up your system to pretty much anything. More access than even denovo.
Use the included scripts (or manually do it yourself or make your own script) to re enable everything after you’re done playing the game and reboot the system. I’d also leave the router unplugged while you play. This denovo bypass seriously leaves your system super unsecured. Only get your games using this exploit from very trusted sources and don’t be lazy about enabling everything again and rebooting before plugging back into the internet.
It’s pretty funny how things have turned out. 20 years ago (and now, really) we had rootkits as DRM, now we’ve got rootkits as game cracks.
Nasty stuff I don’t want on my computer either. As an amateur, was really hoping the cracks would remove it, not circumvent it…
Wow, wait until you hear about the Intel Management Engine
Do you have a moment for our lord and savoir Coreboot? Also RISC
Empress building a high end botnet?
Would running an os in a separate partition just for games mitigate the risks?
Not really? No reason it couldn’t just read those separate partitions too
This is not scary at all. You must trust any code that you execute on your computer. Pirated games, if they were malicious, can already get whatever they want done on your computer, because you are giving it arbitrary code execution privileges. Fortunately there is a vast network of p2p and scene crackers that are trustworthy, who you can trust (even more so than some publishers) to respect your user rights.
The level of access hardly matters. If you were a malware developer masquerading as a legitimate cracker, there are many privilege escalation tricks you can use once you have any amount of access to a machine. And even if you didn’t, the lowest level of access is typically enough to do financial crimes (stealing browser cookies to access your bank account, or ransoming your documents folder).