Last week, Denuvo made headlines, but for all of the wrong reasons. A freshly minted hypervisor bypass renders Denuvo's famous anti-tamper protection virtually useless to those willing to go to the lengths that the crack requires. For those not in the know, Denuvo is an anti-tamper and DRM software developed by Irdeto, which has been deployed across a huge number of PC gaming titles, sometimes with controversial results. Previously, it was considered difficult, or near impossible, to crack the DRM. Now, it's been blown wide open by the new hypervisor-based bypass.
This method has allowed the pirates who crack and distribute games (collectively known as "the scene") to once again release DRM-free versions of popular AAA titles on release day, known as zero-day releases. Naturally, this doesn't bode well for Denuvo and its parent company, Irdeto, for whom the DRM is a major earner.
We should note that the language in "hypervisor-based bypass" is specific, as actual cracks of recent Denuvo versions have yet to be published. A 'proper' crack would alter the game's executable code to remove or disable its DRM, while a bypass keeps the game mostly intact but adds an external avoidance mechanism.
Resident Evil: Requiem is one of the most recent Denuvo-protected releases. (Image credit: Capcom)
This distinction is key with the hypervisor bypass (HVBP), as it requires drastic measures from gamers downloading pirated releases. One needs to disable almost every Windows low-level security feature — an exceedingly poor idea on its own — as well as install a scene-made hypervisor (HV), which Windows itself then sits on, to intercept Denuvo's checks. Gamers can easily re-enable these features after playing, but chances are, few will bother.
Any HV, whether it's VMware ESXi, Hyper-V, Xen, or this Denuvo bypass, has access to the system at the metal level, with complete reign over the computer and all its data and hardware. Even trusting the scene's programming acumen, if the releases using HVBP prove popular, we're talking at least hundreds of thousands of systems with all defenses down and a nearly hardware-level threat vector. An unintentional bug in the HV can be exploited by malicious actors in an essentially untraceable manner.
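For anyone who needs to confirm that a machine's protections are actually back on, the following PowerShell check is an added example, not part of the original article or of any tool it describes. The features it inspects (Secure Boot, virtualization-based security, HVCI, Credential Guard) are an assumed, illustrative set, since the article does not name the ones the bypass requires turning off.

```powershell
# Added example (not from the article). The features checked are an assumed,
# illustrative set; the article does not list what the bypass turns off.
# Run from an elevated PowerShell prompt.
function Get-LowLevelProtectionState {
    $state = [ordered]@{
        SecureBoot      = 'Unknown'
        VBS             = 'Unknown'
        HVCI            = 'Unknown'
        CredentialGuard = 'Unknown'
    }

    # Confirm-SecureBootUEFI returns $true/$false and throws on legacy BIOS
    # systems or when not elevated, so an error is left as Unknown.
    try {
        $state.SecureBoot = if (Confirm-SecureBootUEFI -ErrorAction Stop) { 'On' } else { 'Off' }
    } catch { }

    # Win32_DeviceGuard: VirtualizationBasedSecurityStatus 2 = running.
    # SecurityServicesRunning contains 1 (Credential Guard) and/or 2 (HVCI).
    $dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' `
                          -ClassName 'Win32_DeviceGuard' -ErrorAction SilentlyContinue
    if ($dg) {
        $state.VBS             = if ($dg.VirtualizationBasedSecurityStatus -eq 2) { 'On' } else { 'Off' }
        $state.HVCI            = if ($dg.SecurityServicesRunning -contains 2) { 'On' } else { 'Off' }
        $state.CredentialGuard = if ($dg.SecurityServicesRunning -contains 1) { 'On' } else { 'Off' }
    }
    return $state
}

$state = Get-LowLevelProtectionState
$state.GetEnumerator() | ForEach-Object { '{0,-16} {1}' -f $_.Key, $_.Value }

# A non-zero exit code lets a scheduled task or management agent flag the host.
$notOn = @($state.GetEnumerator() | Where-Object { $_.Value -ne 'On' })
if ($notOn.Count -gt 0) {
    Write-Warning ('Protections not confirmed on: ' + (($notOn | ForEach-Object Key) -join ', '))
    exit 1
}
```

Credential Guard is not available on every Windows edition, so an "Off" there is only meaningful on machines where it was enabled to begin with.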
Denuvo's reputation amongst enthusiasts
Ever since its inception circa 2014, Denuvo Anti-Tamper (not to be confused with Denuvo Anti-Cheat) has been under fire from gamers for its heavy-handed approach. The software is notorious for punishing legitimate customers, thanks to measures including hardware fingerprinting with limited activations, requirements to periodically reach out to Denuvo's servers, and finicky online validation that may brick many single-player titles if the activation servers ever disappear.
Every single one of those measures has caused perennial headaches for gamers, necessitating YouTube tutorials and other community help to let someone just enjoy a game they already paid for. But perhaps the most contentious of all is the performance hit thanks to the constant hardware verification, adding stuttering and lowering FPS, sometimes to the point of making some games unenjoyable on weaker machines. Denuvo has vociferously pushed back on these reports, claiming that the DRM does not impact performance.