Denuvo has been cracked, company promises countermeasures against new DRM bypasses — zero-day game releases become norm as security concerns mount over hypervisor-based bypass

News
By published

This time around the company might have a point, though.

Digital security
(Image credit: Getty Images)

A good portion of the gaming- and piracy-adjacent internet has been on fire for the past few weeks, as a bypass for the (in)famous Denuvo copy-protection method has become popular. Not only did the new method enable the release of existing titles, but zero-day repacks are now the norm.

Contemporary versions of Denuvo and its multilayered DRM approaches have stood the test of time well and were widely regarded as the benchmark in the PC game DRM space. Naturally, this spells trouble for Denuvo and its parent company, Irdeto, as its primary source of revenue is now arguably useless.

Article continues below

The performance remark refers to a past controversy in which Denuvo's checks caused CPU spikes that added strong stuttering and FPS drops in many titles and configurations. This fact was vehemently denied by Denuvo and subsequently mocked online, as cracked versions ran far better.

As usual for any DRM company or publisher, Irdeto also claimed that downloading games with the bypass is a security concern, but this time around, the company has a valid point. Using the hypervisor bypass, even in its latest incarnation, requires users to disable:

  1. Virtualization-Based Security (VBS): a layer that separates the Windows operating system from the its security enforcement features that run at a higher privilege level.
  2. Credential Guard: a sub-feature of VBS that keeps login credentials in an container isolated from the rest of the operating system.
  3. Driver Signature Enforcement: verification that any drivers installed in the system must have a digital signature issued by Microsoft to an identifiable company or developer, in order to prevent installing random drivers at the system level.
  4. Core Isolation / Memory Integrity (HVCI): similar to the above, but prevents any kernel-level unsigned code entirely, as well as modifications to existing signed code so programs can't attempt to mess with existing drivers.
  5. Installing a community-made hypervisor (HV) with Windows running on top of it. This HV fakes responses to the checks that Denuvo makes, and runs with higher permissions (ring level -1) than the operating system itself and has full, nearly untraceable access to hardware and software.

As you can imagine, disabling any one of those security features is not advisable, much less deactivating all of them at once. Once all those digital checkpoints are down, anything you run on your system has free rein to take it over completely, in ways that will be difficult to notice or fix, and will naturally evade detection by nearly any antivirus package.

Adding further concern, there's no telling that even without any malicious intent, the new HV won't have a security flaw of its own that, once exploited, runs at an access level beyond even that of the operating system itself.

To its credit, the community foresaw all of these issues, and game repacks include an easy-to-use script to disable and re-enable the security measures. The recommended procedure is to disable them, reboot, and play the game. Once your gameplay session is over, you would enable them again and restart. However, that's a chore for anyone, and one might guess your average user won't think twice about bothering with such trifles as "security."

Even within the piracy community, the team that designed the HV bypass and popular repackers like FitGirl have warned about the security implications of these releases, as trusted as they might be. Prospective gamers who are leery of bringing down their PCs' defenses will have to wait for an actual crack to come around.

Google Preferred Source

Follow Tom's Hardware on Google News, or add us as a preferred source, to get our latest news, analysis, & reviews in your feeds.

TOPICS
Bruno Ferreira
Bruno Ferreira
Contributor

Bruno Ferreira is a contributing writer for Tom's Hardware. He has decades of experience with PC hardware and assorted sundries, alongside a career as a developer. He's obsessed with detail and has a tendency to ramble on the topics he loves. When not doing that, he's usually playing games, or at live music shows and festivals.

32 Comments Comment from the forums
  • hotaru251
    and that they will not go deeper into the operating system.

    because they likely can't.

    MS already has the rumor about wanting to kick 3rd party out of ring-0...they won't let a 3rd party go deeper as that is insanely risky (and the EU would near 100% block that from being allowed as you can not trust any 3rd party that much access to your system)

    they'd have to sell to MS to gain access to the depth needed. (which is a last ditch option possibly assuming MS cares)

    Denuvo will ofc do anything it can try (as else it has no business) but I doubt it can truly stop it (especially w/o more performance impact) as HV is so deep ( -1). If I was Denuvo I would be worried about game devs taking em to court for their money back as atm (and foreseeable future) their suppsoed protection has failed them.
    However, that's a chore for anyone, and one might guess your average user won't think twice about bothering with such trifles as "security."

    I read into the HV article (where it was first revealed but not gonna list site for obvious reasons) as it was an interesting way to get around what is considered the best DRM but I could foresee people just buying a 2nd system just for these (never connect it to net and you have no real issue)

    Personally wouldn't touch HV w/ a 10ft stick becasue of the risk but it was an interesting read none-the-less.
    Reply
  • bigdragon
    However, that's a chore for anyone, and one might guess your average user won't think twice about bothering with such trifles as "security."
    Your average user buys their games from one of the available storefronts. Many of those users look for the store with the cheapest price and least number of hoops to jump through to get that price. Denuvo has zero to do with the average user. All Denuvo does is degrade the experience of the average user while fighting against a small group of non-customers (pirates) whom developers, publishers, executives, and investors are duped into thinking outnumber paying customers 10:1. Denuvo is unnecessary and will never win a cat-and-mouse game against adversaries with unlimited resources.

    The gaming industry would be a lot better without Denuvo.
    Reply
  • thestryker
    What I find kind of funny about Denuvo is that it can be implemented without issue. The parent company obviously doesn't care about doing that though as they've never seemed to have a robust engineering team to work with developers to make sure the performance issues don't happen. This is all well and good when your product works as expected because the big companies paying for it don't care, but when it starts getting circumvented quickly...

    As for the security features mentioned that have to be disabled... I already have every single one disabled. VBS and HVCI impact random games performance already and their benefits don't outweigh the frustration of adding another potential point of problem. The driver signing I had to turn off to be able to install Solidigm's SSD driver which improves performance. I think I might have turned it back on after getting the driver installed and white listed, but maybe not. It's not a very important security feature if you know where your drivers are coming from and other people don't use your system.

    That being said I would not be grabbing any games that needed a community hypervisor to play even if I did sail the seven seas anymore.
    Reply
  • chaos215bar2
    bigdragon said:
    Your average user buys their games from one of the available storefronts. Many of those users look for the store with the cheapest price and least number of hoops to jump through to get that price. Denuvo has zero to do with the average user. All Denuvo does is degrade the experience of the average user while fighting against a small group of non-customers (pirates) whom developers, publishers, executives, and investors are duped into thinking outnumber paying customers 10:1. Denuvo is unnecessary and will never win a cat-and-mouse game against adversaries with unlimited resources.

    The gaming industry would be a lot better without Denuvo.
    Invasive DRM like Denuvo does more than just hurt paying customers. For the kind of person who grew up pirating because they didn't have the money to pay for the games anyway, things like Denuvo just wind up serving as a filter for what games not to buy, once they do have the money to pay for whatever game they want, but no time to deal with this kind of nonsense.

    People who actually care about this stuff (myself included) will happily buy an indie game with no DRM over the most anticipated AAA title. People who don't are either already paying customers or will wait for a crack. The hypothetical customer who pays for a game simply because a crack isn't immediately available is a myth so far as I can tell.
    Reply
  • hotaru251
    thestryker said:
    That being said I would not be grabbing any games that needed a community hypervisor to play even if I did sail the seven seas anymore.
    given my trip down reading about it other day the "risk" of bad actor is near null if you know where to go (and not trusting random sites) as they are apparently requiring every one to be opensourced so they can go through each one and make sure tis clean. then you have a hash to compare it to to make sure nothings changed so assuming you do your research the HV is likely safe.
    but yeah i feel ya on not risking my system for a mere game and still wouldnt support anyone doing it though.
    chaos215bar2 said:
    The hypothetical customer who pays for a game simply because a crack isn't immediately available is a myth so far as I can tell.
    depends on the game.

    FOMO does play a part of many peoples choice making.

    hypothetical to show it: If GTA6 (gta has never used denuvo just hypothetical) came w/ denuvo.....people would buy it even if not cracked as they will want to ride the popular train and not wait x amount of time on the chance it gets cracked in future.

    AAA has been bland for years and I am also type who has been enjoying indie titles much more than AAA or even AA titles for past few yrs. Creativity is dead outside of indie anymore.
    Reply
  • LordVile
    hotaru251 said:
    because they likely can't.

    MS already has the rumor about wanting to kick 3rd party out of ring-0...they won't let a 3rd party go deeper as that is insanely risky (and the EU would near 100% block that from being allowed as you can not trust any 3rd party that much access to your system)

    they'd have to sell to MS to gain access to the depth needed. (which is a last ditch option possibly assuming MS cares)

    Denuvo will ofc do anything it can try (as else it has no business) but I doubt it can truly stop it (especially w/o more performance impact) as HV is so deep ( -1). If I was Denuvo I would be worried about game devs taking em to court for their money back as atm (and foreseeable future) their suppsoed protection has failed them.


    I read into the HV article (where it was first revealed but not gonna list site for obvious reasons) as it was an interesting way to get around what is considered the best DRM but I could foresee people just buying a 2nd system just for these (never connect it to net and you have no real issue)

    Personally wouldn't touch HV w/ a 10ft stick becasue of the risk but it was an interesting read none-the-less.
    The EU would 100% let them because the want to be able to have that level of access to peoples devices.
    Reply
  • thestryker
    chaos215bar2 said:
    People who actually care about this stuff (myself included) will happily buy an indie game with no DRM over the most anticipated AAA title. People who don't are either already paying customers or will wait for a crack. The hypothetical customer who pays for a game simply because a crack isn't immediately available is a myth so far as I can tell.
    It's really weird, and hyper capitalist, but the last information I saw (some years back now) is that it increases week one type sales. This juices the early figures and lets them proclaim how amazing their sales are. I've not seen any information that indicates it actually helps the overall sales though.
    Reply
  • txfeinbergs
    It is because of thieves that we have Denuvo in the first place. If people didn't steal games, there would be no need for it. They are their own worst enemy and if their computers get infected because of their own stupidity, so be it. They will get no sympathy here.
    Reply
  • GeorgeLY
    The legend of DRM helping sales is just a legend. Look at CDProjekt games The Witcher 3 and Cyberpunk - they lack *any* DRM and they are among best selling games of all time. Also www.gog.com that has only non-DRM games now rivals Steam in sales
    Reply
  • txfeinbergs
    GeorgeLY said:
    The legend of DRM helping sales is just a legend. Look at CDProjekt games The Witcher 3 and Cyberpunk - they lack *any* DRM and they are among best selling games of all time. Also www.gog.com that has only non-DRM games now rivals Steam in sales
    Don't care. Which part of "though shall not steal" is hard to understand for these morons. It isn't "thou shall not steal unless you can't afford an entertainment product".
    Reply