New hypervisor-based bypass methods are enabling day-zero piracy of major video games, effectively circumventing Denuvo’s anti-tamper protection and forcing Irdeto to develop urgent security countermeasures.

Key points

• New hypervisor bypasses operate at the "Ring -1" security level, allowing pirates to intercept CPU instructions and feed false data to Denuvo software.
• Major titles including Resident Evil Requiem, Crimson Desert, and Assassin’s Creed Shadows have been compromised shortly after their official release dates.
• Using these bypasses requires users to disable critical Windows security features like Virtualization-Based Security (VBS), creating significant system vulnerabilities.
• Irdeto, the owner of Denuvo, is currently developing updates to counter these methods without moving their software into the kernel level.
• Popular repacker FitGirl has begun distributing these cracks under strict community guidelines, despite ongoing concerns regarding system stability and potential malware risks.

The emergence of hypervisor-based cracking marks a significant shift in the digital rights management landscape, as it drastically reduces the time games remain protected from piracy. This development threatens the early-release sales window that publishers rely on, forcing companies to balance more aggressive security measures against the performance and safety concerns of legitimate customers.