Jump to content
Tuts 4 You
Ronar22

Denuvo - In The News

Recommended Posts

XenocodeRCE

That dates you for sure

Share this post


Link to post
Share on other sites
Apuromafo

other new:
https://layer13.net/rls?id=7905532
 

RELEASE NAME ───────■   Constructor-CPY                                 
        RELEASE DATE ───────■   14/06/2017                                      
        SHOP RELEASE DATE ──■   26/05/2017                                      
        RELEASE TYPE ───────■   GAME                                            
        KIND ───────────────■   Simulator                                       
        FORMAT ─────────────■   ISO                                             
        PROTECTION ─────────■   Steam + Denuvo v4 x86                           
        FILES N ────────────■   41x100   

 

  • Like 5

Share this post


Link to post
Share on other sites
Blah
https://torrentfreak.com/the-evil-within-2-used-denuvo-then-dumped-it-before-launch-171013/

 

https://torrentfreak.com/deep-down-games-pirates-love-enemies-like-denuvo-171022/

 

Edited by Blah (see edit history)
  • Like 1

Share this post


Link to post
Share on other sites
Blah
https://torrentfreak.com/the-evil-within-2-used-denuvo-then-dumped-it-before-launch-171013/

https://torrentfreak.com/assassins-creed-origin-drm-hammers-gamers-cpus-171030/

Assassins Creed Origin DRM Hammers Gamers’ CPUs

Assassin's Creed Origins gamers are reporting massive CPU utilization. While the game is said to be quite resource-hungry already, game cracker Voksi informs TorrentFreak that anti-piracy efforts are to blame. With Denuvo in trouble, Ubisoft has called in reinforcements which are reportedly dragging down all but the most powerful machines. "It's anti-consumer and a disgusting move," he says.

denuvo.jpgThere’s a war taking place on the Internet. On one side: gaming companies, publishers, and anti-piracy outfits. On the other: people who varying reasons want to play and/or test games for free.

While these groups are free to battle it out in a manner of their choosing, innocent victims are getting caught up in the crossfire. People who pay for their games without question should be considered part of the solution, not the problem, but whether they like it or not, they’re becoming collateral damage in an increasingly desperate conflict.

For the past several days, some players of the recently-released Assassin’s Creed Origins have emerged as what appear to be examples of this phenomenon.

“What is the normal CPU usage for this game?” a user asked on Steam forums. “I randomly get between 60% to 90% and I’m wondering if this is too high or not.”

The individual reported running an i7 processor, which is no slouch. However, for those running a CPU with less oomph, matters are even worse. Another gamer, running an i5, reported a 100% load on all four cores of his processor, even when lower graphics settings were selected in an effort to free up resources.

“It really doesn’t seem to matter what kind of GPU you are using,” another complained. “The performance issues most people here are complaining about are tied to CPU getting maxed out 100 percent at all times. This results in FPS [frames per second] drops and stutter. As far as I know there is no workaround.”

So what could be causing these problems? Badly configured machines? Terrible coding on the part of the game maker?

According to Voksi, whose ‘Revolt’ team cracked Wolfenstein II: The New Colossus before its commercial release last week, it’s none of these. The entire problem is directly connected to desperate anti-piracy measures.

As widely reported (1,2), the infamous Denuvo anti-piracy technology has been taking a beating lately. Cracking groups are dismantling it in a matter of days, sometimes just hours, making the protection almost pointless. For Assassin’s Creed Origins, however, Ubisoft decided to double up, Voksi says.

“Basically, Ubisoft have implemented VMProtect on top of Denuvo, tanking the game’s performance by 30-40%, demanding that people have a more expensive CPU to play the game properly, only because of the DRM. It’s anti-consumer and a disgusting move,” he told TorrentFreak.

Voksi says he knows all of this because he got an opportunity to review the code after obtaining the binaries for the game. Here’s how it works.

While Denuvo sits underneath doing its thing, it’s clearly vulnerable to piracy, given recent advances in anti-anti-piracy technology. So, in a belt-and-braces approach, Ubisoft opted to deploy another technology – VMProtect – on top.

VMProtect is software that protects other software against reverse engineering and cracking. Although the technicalities are different, its aims appear to be somewhat similar to Denuvo, in that both seek to protect underlying systems from being subverted.

“VMProtect protects code by executing it on a virtual machine with non-standard architecture that makes it extremely difficult to analyze and crack the software. Besides that, VMProtect generates and verifies serial numbers, limits free upgrades and much more,” the company’s marketing reads.

VMProtect and Denuvo didn’t appear to be getting on all that well earlier this year but they later settled their differences. Now their systems are working together, to try and solve the anti-piracy puzzle.

“It seems that Ubisoft decided that Denuvo is not enough to stop pirates in the crucial first days [after release] anymore, so they have implemented an iteration of VMProtect over it,” Voksi explains.

“This is great if you are looking to save your game from those pirates, because this layer of VMProtect will make Denuvo a lot more harder to trace and keygen than without it. But if you are a legit customer, well, it’s not that great for you since this combo could tank your performance by a lot, especially if you are using a low-mid range CPU. That’s why we are seeing 100% CPU usage on 4 core CPUs right now for example.”

The situation is reportedly so bad that some users are getting the dreaded BSOD (blue screen of death) due to their machines overheating after just an hour or two’s play. It remains unclear whether these crashes are indeed due to the VMProtect/Denuvo combination but the perception is that these anti-piracy measures are at the root of users’ CPU utilization problems.

While gaming companies can’t be blamed for wanting to protect their products, there’s no sense in punishing legitimate consumers with an inferior experience. The great irony, of course, is that when Assassin’s Creed gets cracked (if that indeed happens anytime soon), pirates will be the only ones playing it without the hindrance of two lots of anti-piracy tech battling over resources.

The big question now, however, is whether the anti-piracy wall will stand firm. If it does, it raises the bizarre proposition that future gamers might need to buy better hardware in order to accommodate anti-piracy technology.

Share this post


Link to post
Share on other sites
evlncrn8

yeh i think denuvo's claims that they dont impact performance have now been proven to be bullshit... though ubi did go a wee bit over the top 

  • Like 2

Share this post


Link to post
Share on other sites
Blah
Quote

https://torrentfreak.com/denuvo-has-been-sold-to-global-anti-piracy-outfit-irdeto-180123/

Denuvo, the company behind the world's most famous video game anti-piracy system, has been sold. The buyer is global anti-piracy outfit Irdeto, which specializes in protecting all kinds of content, with an emphasis on the audio-visual sector. The news comes a day after Denuvo's latest protection was defeated by pirates after a couple of months in the wild

 

etc etc

 

 

  • Like 4

Share this post


Link to post
Share on other sites
JohnWho

Did Denuvo directly work with the VMProtect crew on implementing the dual protection or did Ubisoft themself apply the VMProtect layer ontop of the Denuvo protected game?

On a side note, game devs should have a "software protection" specialist on the team and implement anti hack/crack/piracy features directly into the game core.

Edited by JohnWho (see edit history)
  • Like 1

Share this post


Link to post
Share on other sites
atom0s

A while back Denuvo was being accused of stealing / using VMProtect's stuff without permission but it was debunked by VMProtect themselves stating that Denuvo had a valid license to use it and such. So it's probably part of Denuvo itself and not something done by Ubi. 

Share this post


Link to post
Share on other sites
Extreme Coders

 

  • Like 2
  • Thanks 3

Share this post


Link to post
Share on other sites
joker33337
On 2/7/2018 at 7:48 PM, Extreme Coders said:

 

Just so people know - a dump made this way will contain license information possibly tied to your PC and Steam account

By the way, attaching system .dll headers to your dump and manually patching CPUID without a good way to determine if they're actual instructions instead of data feels really wrong to me :unsure: never mind you can miss some if they are encrypted and only decrypted in place at runtime

  • Thanks 1

Share this post


Link to post
Share on other sites
deepzero

Yeah that seems like a mediocre crack, easily fooled by a few randomly triggered checks, he also leads on he cant devirtualize it properly... Anyways props for him for makeing this public, more than most others did so far...

  • Like 1
  • Thanks 1

Share this post


Link to post
Share on other sites
Blah

heres the story as of now

 

https://torrentfreak.com/voksi-releases-detailed-denuvo-cracking-video-tutorial-180210/

 

Quote

Voksi Releases Detailed Denuvo-Cracking Video Tutorial

  • on February 10, 2018
 

Over the past few years, the name Voksi has become synonymous with game cracking, in particular when it comes to anti-Denuvo activities. This week the talented Bulgarian released a 90-minute video in which he reveals how he cracked V4 of the infamous anti-tamper technology. TorrentFreak caught up with him for the lowdown.

etc etc etc

Quote

 

 

 

 

Edited by Blah (see edit history)
  • Thanks 1

Share this post


Link to post
Share on other sites
JustAGuy
Posted (edited)
On 09/02/2018 at 10:00 AM, joker33337 said:

Just so people know - a dump made this way will contain license information possibly tied to your PC and Steam account
 

 

I remember scene groups (PROPHET one of them)  embedding unique licence file into a main game executable , seems nobody bothers about  being identified....it was other known commercial game protection system .....not denuvo

Edited by JustAGuy (see edit history)
  • Like 1

Share this post


Link to post
Share on other sites
Blah

Latest Denuvo Anti-Piracy Protection Falls, Cracker ‘Voksi’ On Fire

July 6, 2018

 

https://torrentfreak.com/latest-denuvo-anti-piracy-protection-falls-cracker-voksi-on-fire-180706/

 

 

heres the story as of now

 

https://torrentfreak.com/voksi-releases-detailed-denuvo-cracking-video-tutorial-180210/

 

Quote

Voksi Releases Detailed Denuvo-Cracking Video Tutorial

  • on February 10, 2018
 

Over the past few years, the name Voksi has become synonymous with game cracking, in particular when it comes to anti-Denuvo activities. This week the talented Bulgarian released a 90-minute video in which he reveals how he cracked V4 of the infamous anti-tamper technology. TorrentFreak caught up with him for the lowdown.

etc etc etc

Quote

https://torrentfreak.com/denuvo-has-been-sold-to-global-anti-piracy-outfit-irdeto-180123/

Denuvo, the company behind the world's most famous video game anti-piracy system, has been sold. The buyer is global anti-piracy outfit Irdeto, which specializes in protecting all kinds of content, with an emphasis on the audio-visual sector. The news comes a day after Denuvo's latest protection was defeated by pirates after a couple of months in the wild

 

etc etc

 

 

Share this post


Link to post
Share on other sites
JohnWho
Quote

Denuvo's latest protection was defeated by pirates after a couple of months in the wild

 

Sounds like it did it's job

Share this post


Link to post
Share on other sites
chickenbutt
Posted (edited)

I'm one of a small hand full of people who find it extremely obnoxious that there is so much hype over yet another inline-VM protector

 

As someone who has an IDA database of VM handlers and stage-keys for a lot of the modern AAA game protectors I think the Ubisoft scheme of streaming-execution via VM proxy handlers is as advanced as you'll ever see without implementing something like hardware isolation.. Then you will just get hardware hackers involved because blackbox elements on x86 triggers rights activists(HDCP and TPM attacks)..

From what CPY members are saying Denuvo 5.0 has NOTHING new over Tages or SecuRom they just needed to build tools and databases for a different scheme..

 

EDIT: Also.. Engine API for protection checks in virgin code has been common for decades.. Well.. Maybe 1.5 decades..

Edited by chickenbutt (see edit history)
  • Like 1

Share this post


Link to post
Share on other sites
joker33337
1 hour ago, chickenbutt said:

I'm one of a small hand full of people who find it extremely obnoxious that there is so much hype over yet another inline-VM protector

 

As someone who has an IDA database of VM handlers and stage-keys for a lot of the modern AAA game protectors I think the Ubisoft scheme of streaming-execution via VM proxy handlers is as advanced as you'll ever see without implementing something like hardware isolation.. Then you will just get hardware hackers involved because blackbox elements on x86 triggers rights activists(HDCP and TPM attacks)..

From what CPY members are saying Denuvo 5.0 has NOTHING new over Tages or SecuRom they just needed to build tools and databases for a different scheme..

 

EDIT: Also.. Engine API for protection checks in virgin code has been common for decades.. Well.. Maybe 1.5 decades..

CPY never stated anything about how it compares to earlier protections in their NFO. Unless you have contacts in the scene to know? Why are they MIA since the FC5 crack then?

I think Denuvo achieved a small success, the protection takes time when cracking scene-proper way (unlike the latest buggy cracks that resort to using a driver to spoof hardware), it's not online besides the activation (unlike the Ubisoft protection which pissed gamers off) and it doesn't install any shit like drivers. But it's also probably because nobody really gives a fornication about game cracking anymore.

Next gen protections are probably going to be SGX or hypervisor isolation based.

  • Like 1

Share this post


Link to post
Share on other sites
deepzero
Quote

just needed to build tools and databases for a different scheme..

I dont think they are shooting for more than that...

Share this post


Link to post
Share on other sites
chickenbutt
On 7/19/2018 at 1:25 PM, joker33337 said:

CPY never stated anything about how it compares to earlier protections in their NFO. Unless you have contacts in the scene to know? Why are they MIA since the FC5 crack then?

I think Denuvo achieved a small success, the protection takes time when cracking scene-proper way (unlike the latest buggy cracks that resort to using a driver to spoof hardware), it's not online besides the activation (unlike the Ubisoft protection which pissed gamers off) and it doesn't install any shit like drivers. But it's also probably because nobody really gives a fornication about game cracking anymore.

Next gen protections are probably going to be SGX or hypervisor isolation based.

IRC and also what 3DM said about "64bit encryption machine".. In addition to what I've seen through light static analysis and network monitoring. Remember that Securom and Starforce and Tages were layer-encrypted VM too. Denuvo just copied Ubisoft a little a schedules streaming VM stack frames and encryption data..

On 7/19/2018 at 3:49 PM, deepzero said:

I dont think they are shooting for more than that...

I don't know. I just think all the !!!!DENUVO FOUND A NEW WAY OBFUSCATE INSIDE A PE!!! hype is retarded

Share this post


Link to post
Share on other sites
chickenbutt
Posted (edited)

If it's true it's confusing.. How can you reverse complex binaries without first learning basic network security? I can see it with those people who make headlines for using Kali and SQLmap to break in to stuff, or .NET or PowerShell to write malware, but RE people are suppose to be superior.

 

I actually suspect a lot of people get busted using OS and AV telemetry which is still a laziness issue. Most people know better than to trust VPN or TOR or SOCKS5 exit nodes and implement PSK with SSH or a decent key-exchange, and strong protection on remote attack vectors(full stack protection, ASLR, KASLR, NX, CET, AuthentiCode, PatchGuard etc..)

 

EDIT: I'd actually love to see a case where shareware teams and people outside of warez were forced to defeat decent protectors or live in a DRM abused hell. I think the public would be better for it; more intelligence and appreciation etc..

Edited by chickenbutt (see edit history)

Share this post


Link to post
Share on other sites
chickenbutt

I mention this in another thread, but: x64dbg snapshot and skyllahide having no issues with Yakuza 0 which is the latest Denuvo iteration..

EDIT: Anyone else think VMProtect hype is because SnD members were devirtualizing Oreans years ago and documented it, and nobody documented VMProtect but was actually considered easier and defeated by more people?

Edited by chickenbutt (see edit history)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×