Denuvo has been broken, company promises countermeasures against new DRM bypass

tomshardware.com · LicenseSping · 3 days ago · view on HN · news
quality 7/10 · good
0 net
Tags
facebook google malware microsoft rce
Denuvo has been cracked, company promises countermeasures against new DRM bypasses — zero-day game releases become norm as security concerns mount over hypervisor-based bypass | Tom's Hardware Skip to main content Tom's Hardware Subscription Why subscribe? Get deeper insights with deeper News Analysis posts Read exclusive subscriber-only features and interviews Unlock access to Bench, our custom benchmark test visualizer, and compare products From $7 /mth Subscribe now Don't miss these GPUs Testing DirectStorage with GPU decompression — do Blackwell GPUs have the upper hand? CPUs Geekbench investigates up to 30% jump with Intel's iBOT Windows Microsoft blocks registry trick that unlocked performance-boosting native NVMe driver on Windows 11 Tech Industry China's homegrown silicon suppliers gain traction as Nvidia struggles to get its chips into the market Retro Gaming 385TB video game archive saved by fans — Myrient has been '100% backed up' and validated, torrents being generated CPUs Intel’s Binary Optimization Tool tested and explained Tech Industry The Super Micro AI accelerator smuggling scandal proves how cut-throat the global AI race has become — as global trade evolves, so does export control evasion GPUs Intel has reached out to Crimson Desert developer “many times” to support Arc GPUs Console Gaming Microsoft’s ‘unhackable’ Xbox One has been hacked by 'Bliss' GPUs Crimson Desert devs apologize for ‘confusion’ over Intel GPU FAQ — backtracks over prior dismissive language regarding Arc graphics support PC Gaming Crimson Desert offers no support for Intel GPUs GPUs Imagination Tech working on mainstream PC gaming with ‘ambitious graphics card and SoC design companies’ — shows off progress with DirectX 11 workloads Windows Microsoft promises serious improvements to Windows 11 performance, reliability, and updates GPUs Nvidia CEO says he's 'empathetic' to DLSS 5 concerns Windows Yet another Windows update is wreaking havoc on gaming rigs worldwide (Image credit: Getty Images) Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Email Share this article 22 Join the conversation Follow us Add us as a preferred source on Google Newsletter Tom's Hardware Stay On the Cutting Edge: Get the Tom's Hardware Newsletter Get Tom's Hardware's best news and in-depth reviews, straight to your inbox. Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over. You are now subscribed Your newsletter sign-up was successful An account already exists for this email address, please log in. Subscribe to our newsletter A good portion of the gaming- and piracy-adjacent internet has been on fire for the past few weeks, as a bypass for the (in)famous Denuvo copy-protection method has become popular. Not only did the new method enable the release of existing titles, but zero-day repacks are now the norm. Contemporary versions of Denuvo and its multilayered DRM approaches have stood the test of time well and were widely regarded as the benchmark in the PC game DRM space. Naturally, this spells trouble for Denuvo and its parent company, Irdeto, as its primary source of revenue is now arguably useless. Irdeto sent a statement to popular DRM and copyright news site TorrentFreak , wherein it claims that it is already working on countermeasures, promising that "performance will not be compromised" by said improvements and that they will not go deeper into the operating system. Article continues below You may like Testing CPU scaling in Resident Evil Requiem Security researcher says AMD auto-updater downloads software insecurely, enabling remote code execution Epic Games brings Secure Boot and TPM to competitive Fortnite Go deeper with TH Premium: AI and data centers (Image credit: Microsoft) Photonics and high-speed data movement is the next big AI bottleneck The data center cooling state of play Massive AI data center buildouts are squeezing energy supplies Ultra Ethernet: The data center interconnection of tomorrow The performance remark refers to a past controversy in which Denuvo's checks caused CPU spikes that added strong stuttering and FPS drops in many titles and configurations. This fact was vehemently denied by Denuvo and subsequently mocked online, as cracked versions ran far better. As usual for any DRM company or publisher, Irdeto also claimed that downloading games with the bypass is a security concern, but this time around, the company has a valid point. Using the hypervisor bypass, even in its latest incarnation, requires users to disable : Virtualization-Based Security (VBS): a layer that separates the Windows operating system from the its security enforcement features that run at a higher privilege level. Credential Guard: a sub-feature of VBS that keeps login credentials in an container isolated from the rest of the operating system. Driver Signature Enforcement: verification that any drivers installed in the system must have a digital signature issued by Microsoft to an identifiable company or developer, in order to prevent installing random drivers at the system level. Core Isolation / Memory Integrity (HVCI): similar to the above, but prevents any kernel-level unsigned code entirely, as well as modifications to existing signed code so programs can't attempt to mess with existing drivers. Installing a community-made hypervisor (HV) with Windows running on top of it. This HV fakes responses to the checks that Denuvo makes, and runs with higher permissions (ring level -1) than the operating system itself and has full, nearly untraceable access to hardware and software. As you can imagine, disabling any one of those security features is not advisable, much less deactivating all of them at once. Once all those digital checkpoints are down, anything you run on your system has free rein to take it over completely, in ways that will be difficult to notice or fix, and will naturally evade detection by nearly any antivirus package. Adding further concern, there's no telling that even without any malicious intent, the new HV won't have a security flaw of its own that, once exploited, runs at an access level beyond even that of the operating system itself. Stay On the Cutting Edge: Get the Tom's Hardware Newsletter Get Tom's Hardware's best news and in-depth reviews, straight to your inbox. Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors To its credit, the community foresaw all of these issues, and game repacks include an easy-to-use script to disable and re-enable the security measures. The recommended procedure is to disable them, reboot, and play the game. Once your gameplay session is over, you would enable them again and restart. However, that's a chore for anyone, and one might guess your average user won't think twice about bothering with such trifles as "security." Even within the piracy community, the team that designed the HV bypass and popular repackers like FitGirl have warned about the security implications of these releases, as trusted as they might be. Prospective gamers who are leery of bringing down their PCs' defenses will have to wait for an actual crack to come around. Follow Tom's Hardware on Google News , or add us as a preferred source , to get our latest news, analysis, & reviews in your feeds. TOPICS See all comments (22) Bruno Ferreira Contributor Bruno Ferreira is a contributing writer for Tom's Hardware. He has decades of experience with PC hardware and assorted sundries, alongside a career as a developer. He's obsessed with detail and has a tendency to ramble on the topics he loves. When not doing that, he's usually playing games, or at live music shows and festivals. Read more CPUs Testing CPU scaling in Resident Evil Requiem Cybersecurity Security researcher says AMD auto-updater downloads software insecurely, enabling remote code execution PC Gaming Epic Games brings Secure Boot and TPM to competitive Fortnite Cybersecurity Zombie ZIP vulnerability lets malware stroll past gates of 95% of AV suites Console Gaming Microsoft’s ‘unhackable’ Xbox One has been hacked by 'Bliss' Cybersecurity Bug in Nitrogen ransomware locks victims' data away forever Latest in PC Gaming PC Gaming Trucker shows off $6,000 PC driving sim rig in passenger seat PC Gaming Crimson Desert offers no support for Intel GPUs PC Gaming Microsoft debuts DirectStorage 1.4 at GDC 2026, with Zstandard compression and GACL PC Gaming The FBI is looking for victimized Steam users who downloaded games with hidden malware PC Gaming Valve details new game verification system for upcoming Steam Frame and Steam Machine PC Gaming Baldur's Gate 3 and LEGO Batman actors to host Future Games Show Latest in News Artificial Intelligence Microsoft says Copilot is for entertainment purposes only, not serious use Artificial Intelligence Iran claims it has hit Oracle data center in Dubai, Amazon data center in Bahrain Artificial Intelligence The largest programming community on Reddit has just banned all content related to LLMs Semiconductors TSMC reportedly plans to build 12 fabs, four packaging facilities in Arizona Gaming Monitors $1,299 Asus OLED gaming monitors are arriving with cracked panels for many buyers PlayStation Modder combines the guts of two PS1 consoles into one custom PCB, adds microSD card and HDMI support 22 Comments Comment from the forums and that they will not go deeper into the operating system. because they likely can't. MS already has the rumor about wanting to kick 3rd party out of ring-0...they won't let a 3rd party go deeper as that is insanely risky (and the EU would near 100% block that from being allowed as you can not trust any 3rd party that much access to your system) they'd have to sell to MS to gain access to the depth needed. (which is a last ditch option possibly assuming MS cares) Denuvo will ofc do anything it can try (as else it has no business) but I doubt it can truly stop it (especially w/o more performance impact) as HV is so deep ( -1). If I was Denuvo I would be worried about game devs taking em to court for their money back as atm (and foreseeable future) their suppsoed protection has failed them. However, that's a chore for anyone, and one might guess your average user won't think twice about bothering with such trifles as "security." I read into the HV article (where it was first revealed but not gonna list site for obvious reasons) as it was an interesting way to get around what is considered the best DRM but I could foresee people just buying a 2nd system just for these (never connect it to net and you have no real issue) Personally wouldn't touch HV w/ a 10ft stick becasue of the risk but it was an interesting read none-the-less. Reply However, that's a chore for anyone, and one might guess your average user won't think twice about bothering with such trifles as "security." Your average user buys their games from one of the available storefronts. Many of those users look for the store with the cheapest price and least number of hoops to jump through to get that price. Denuvo has zero to do with the average user. All Denuvo does is degrade the experience of the average user while fighting against a small group of non-customers (pirates) whom developers, publishers, executives, and investors are duped into thinking outnumber paying customers 10:1. Denuvo is unnecessary and will never win a cat-and-mouse game against adversaries with unlimited resources. The gaming industry would be a lot better without Denuvo. Reply What I find kind of funny about Denuvo is that it can be implemented without issue. The parent company obviously doesn't care about doing that though as they've never seemed to have a robust engineering team to work with developers to make sure the performance issues don't happen. This is all well and good when your product works as expected because the big companies paying for it don't care, but when it starts getting circumvented quickly... As for the security features mentioned that have to be disabled... I already have every single one disabled. VBS and HVCI impact random games performance already and their benefits don't outweigh the frustration of adding another potential point of problem. The driver signing I had to turn off to be able to install Solidigm's SSD driver which improves performance. I think I might have turned it back on after getting the driver installed and white listed, but maybe not. It's not a very important security feature if you know where your drivers are coming from and other people don't use your system. That being said I would not be grabbing any games that needed a community hypervisor to play even if I did sail the seven seas anymore. Reply bigdragon said: Your average user buys their games from one of the available storefronts. Many of those users look for the store with the cheapest price and least number of hoops to jump through to get that price. Denuvo has zero to do with the average user. All Denuvo does is degrade the experience of the average user while fighting against a small group of non-customers (pirates) whom developers, publishers, executives, and investors are duped into thinking outnumber paying customers 10:1. Denuvo is unnecessary and will never win a cat-and-mouse game against adversaries with unlimited resources. The gaming industry would be a lot better without Denuvo. Invasive DRM like Denuvo does more than just hurt paying customers. For the kind of person who grew up pirating because they didn't have the money to pay for the games anyway, things like Denuvo just wind up serving as a filter for what games not to buy, once they do have the money to pay for whatever game they want, but no time to deal with this kind of nonsense. People who actually care about this stuff (myself included) will happily buy an indie game with no DRM over the most anticipated AAA title. People who don't are either already paying customers or will wait for a crack. The hypothetical customer who pays for a game simply because a crack isn't immediately available is a myth so far as I can tell. Reply thestryker said: That being said I would not be grabbing any games that needed a community hypervisor to play even if I did sail the seven seas anymore. given my trip down reading about it other day the "risk" of bad actor is near null if you know where to go (and not trusting random sites) as they are apparently requiring every one to be opensourced so they can go through each one and make sure tis clean. then you have a hash to compare it to to make sure nothings changed so assuming you do your research the HV is likely safe. but yeah i feel ya on not risking my system for a mere game and still wouldnt support anyone doing it though. chaos215bar2 said: The hypothetical customer who pays for a game simply because a crack isn't immediately available is a myth so far as I can tell. depends on the game. FOMO does play a part of many peoples choice making. hypothetical to show it: If GTA6 (gta has never used denuvo just hypothetical) came w/ denuvo.....people would buy it even if not cracked as they will want to ride the popular train and not wait x amount of time on the chance it gets cracked in future. AAA has been bland for years and I am also type who has been enjoying indie titles much more than AAA or even AA titles for past few yrs. Creativity is dead outside of indie anymore. Reply hotaru251 said: because they likely can't. MS already has the rumor about wanting to kick 3rd party out of ring-0...they won't let a 3rd party go deeper as that is insanely risky (and the EU would near 100% block that from being allowed as you can not trust any 3rd party that much access to your system) they'd have to sell to MS to gain access to the depth needed. (which is a last ditch option possibly assuming MS cares) Denuvo will ofc do anything it can try (as else it has no business) but I doubt it can truly stop it (especially w/o more performance impact) as HV is so deep ( -1). If I was Denuvo I would be worried about game devs taking em to court for their money back as atm (and foreseeable future) their suppsoed protection has failed them. I read into the HV article (where it was first revealed but not gonna list site for obvious reasons) as it was an interesting way to get around what is considered the best DRM but I could foresee people just buying a 2nd system just for these (never connect it to net and you have no real issue) Personally wouldn't touch HV w/ a 10ft stick becasue of the risk but it was an interesting read none-the-less. The EU would 100% let them because the want to be able to have that level of access to peoples devices. Reply chaos215bar2 said: People who actually care about this stuff (myself included) will happily buy an indie game with no DRM over the most anticipated AAA title. People who don't are either already paying customers or will wait for a crack. The hypothetical customer who pays for a game simply because a crack isn't immediately available is a myth so far as I can tell. It's really weird, and hyper capitalist, but the last information I saw (some years back now) is that it increases week one type sales. This juices the early figures and lets them proclaim how amazing their sales are. I've not seen any information that indicates it actually helps the overall sales though. Reply It is because of thieves that we have Denuvo in the first place. If people didn't steal games, there would be no need for it. They are their own worst enemy and if their computers get infected because of their own stupidity, so be it. They will get no sympathy here. Reply The legend of DRM helping sales is just a legend. Look at CDProjekt games The Witcher 3 and Cyberpunk - they lack *any* DRM and they are among best selling games of all time. Also www.gog.com that has only non-DRM games now rivals Steam in sales Reply GeorgeLY said: The legend of DRM helping sales is just a legend. Look at CDProjekt games The Witcher 3 and Cyberpunk - they lack *any* DRM and they are among best selling games of all time. Also www.gog.com that has only non-DRM games now rivals Steam in sales Don't care. Which part of "though shall not steal" is hard to understand for these morons. It isn't "thou shall not steal unless you can't afford an entertainment product". Reply View All 22 Comments Show more comments
← Back to stories