The Anti-Piracy Tech That’s Giving Hackers Fits

The Anti-Piracy Tech That’s Giving Hackers Fits

More than two months after release, it’s still not possible to pirate Just Cause 3. The same is true for Rise of the Tomb Raider, released for PC in late January. Cracking computer games used to be measured in hours or days, but now, it’s turning into weeks and months. The nature of piracy is changing in a big way.

The surest sign of that was a rare note of surrender from China-based 3DM, one of the world’s most popular cracking groups. They have made waves recently for suggesting /”there will be no free games to play” in two years. They have reportedly backed away from cracking single player games, too, but there’s dispute over those reports.

3DM and every other group in the cracking scene has been frustratingly banging their head against the piracy roadblock that is relatively new “anti-tamper” tech from the Austrian company Denuvo. That’s the tech that Square Enix used to protect Just Cause 3, the tech they also used for the new Tomb Raider and the tech that Ubisoft is using on next week’s Far Cry Primal.

Anti-tamper, according to Deunvo, is different from Digital Rights Management (DRM), which has a historically poor reputation with players.

“Anti-tamper prevents the debugging, reverse engineering and changing of executable files,” a company spokesperson told me recently.

That’s a confusing non-explanation about how Denuvo works. But since Denuvo seems to have pirates on their heels, they won’t spill their dark secrets to me.

Here’s how Denuvo describes the technology on their website:

The licence management from Steam or Origin grants legitimate consumers access to the game and our Anti-Tamper solution ensures that these DRM systems are not bypassed.

The million dollar question: what makes anti-tamper so hard to crack? Breaking Denuvo’s anti-tamper tech, even for a single game, amounts to a trade secret in these circles. Denuvo doesn’t have much incentive to give any answers, so I asked a few hackers to take a look at it.

Steam DRM? What Steam DRM?

Denuvo works as a shield for existing DRM protections baked into PC services like Steam and Origin. According to everyone I talked to, it’s trivial to get around Steam’s DRM.

“It is business as usual to see cracks for Steam games within minutes of the game’s Australian release,” said a hacker who goes by the pseudonym MTW. “Obviously this is a bad sign; DRM should not take single digit minutes to crack. There are other, non-Denuvo DRM solutions for Steam games. None of them are worth a shit.”

Denuvo uses a unique piggybacking approach. Because Steam and Origin require an internet connection to buy, purchase and authenticate a game the first time around, Denuvo can ride this wave and collect details about the computer to, in a sense, generate a unique key for that copy of the game. If the game isn’t running on that exact machine, the game can assume the game’s been pirated.

“Machine-specific triggers are peppered everywhere,” said MTW. “The game will appear to be insanely buggy, but it’s just copy protection crap. […] Game developers get to specify points in gameplay where they want a copy protection trigger. A game can be unplayable.”

In other words, even if a cracking team can get the game running, it can’t assume it will remain stable.

DRM has a history of onerous requirements for legit consumers, including a requirement that you keep your internet on all the time, register the game and so on. Denuvo largely sidesteps that. (In the past, Denuvo tech has been accused of slowing performance, but that seems to have been largely debunked.)

Anti-tamper has reportedly been used in games recently from Electronic Arts, Warner Bros, Square Enix, Ubisoft, Konami and CI Games. The company doesn’t publicly list clients.

Interestingly, Denuvo isn’t claiming it can protect games forever.

“No DRM or anti-tamper solution can stop piracy entirely,” said the spokesperson. “The goal of Denuvo anti-tamper is to keep a game piracy-free for a game’s initial sales release window, when most of the sales are made.”

For Just Cause 3, that’s 78 days. For Rise of the Tomb Raider, that’s 20 days. Denuvo’s longest record is 272 days for Lords of the Fallen, a Dark Souls-style game from late 2014.

The one group that’s had success against Denuvo is the aforementioned 3DM. Most notably, they broke Metal Gear Solid V: The Phantom Pain, one of last year’s most anticipated games. But they haven’t been able to maintain that success, as Denuvo has modified their process along the way.

“Denuvo has a staff of highly skilled and dedicated software engineers which constantly monitors every conceivable threat to a DRM system’s integrity,” said a Denuvo spokesperson. “Our job is to stay one step ahead of the hackers/crackers to make sure our anti-tamper system can keep a game publisher’s chosen DRM system safe.”

I wanted to hear 3DM’s side of things, but that’s easier typed than done. My attempts to speak with them have been unsuccessful, but what makes 3DM unique is how the group doesn’t hide in the shadows, as most of the other big cracking groups do. Several 3DM “employees” have public profiles on the social network Weibo, AKA China’s Twitter. Their leader, a woman who goes by the nickname Bird Sister, regularly updates a blog discussing 3DM’s activities.

The Anti-Piracy Tech That’s Giving Hackers Fits
One of the only known photos allegedly depicting Bird Sister.

The cracking scene is competitive, as groups vie to break through a game’s copy-protection and upload it to the world. It’s the equivalent of shouting “first!” in a comment at the bottom of an article, but you’re releasing a hot new $80 game for free. This competition can get so fierce that one group will claim another ripped off their work. (Whatever you think of piracy, it’s not exactly easy to crack software.)

Game developers and many gamers may hate piracy, but 3DM has its happy followers. Bird Sister’s personal blog is full of comments from people thanking her for 3DM’s hard work.

The Anti-Piracy Tech That’s Giving Hackers Fits
Note: These comments were crudely translated using Google.

Despite the efforts of Bird Sister and the rest of 3DM though, Denuvo as a whole remains uncracked.

A Long Time Ago In A DRM Far, Far Away

The concept of preventing people from playing a game they didn’t pay for existed long before games went “digital”. Adventure games in the ’90s, for example, asked players specific questions that could only be answered by looking in the game’s physical manual. (‘What’s the seventh word in the second paragraph on page 14?’)

Over the years, game creators wrestled with how much friction to introduce in the quest to curb piracy. Too often, piracy measures meant to prevent people from stealing the game had more of an impact on paying consumers, leading to a general distrust of any form of anti-piracy.

It was common in the ’90s and 2000s to require a CD or DVD in the drive, which was profoundly annoying. This led people who’d legally bought the game to apply “no-CD” patches to remove the requirement.

The Anti-Piracy Tech That’s Giving Hackers Fits
Image Credit: Penny Arcade

A modern form of this tactic, SecuROM, forced players to register copies of the game online, and players could only authorise a small number of computers per copy. This famously backfired on Spore, partially causing it to become the most pirated game of 2008. EA was hit with a class action lawsuit over SecuROM, arguing SecuROM was installed on computers without proper consent. EA later settled and agreed to better disclose SecuROM’s existence.

Denuvo was formed after Sony DADC DigitalWorks, the creators of SecuROM, were bought out. This new DRM company rose from the ashes of Sony DADC Digital Works, and if you browse Denuvo’s website, developers can still buy SecuROM. (It doesn’t seem very common.)

Denuvo’s goal is to keep hackers and pirates at bay for at least 60 days before a game is cracked. But when a game is broken, the genie can be partially put back in the bottle by updating the game with a fresh layer of Denuvo protection. (It’s why “Denuvo cracked” headlines don’t usually mean very much.) With that approach, only one instance of the game is cracked. The crack doesn’t gain them access to every other Denuvo-locked game, nor access to future versions of the game in question. Denuvo can add new locks when DLC is released or through a patch so that pirates are then stuck with that specific version of the game.

The Not-So-Patient Future

Most torrent websites these days have comments and message boards, and if you take a look at the conversations around Rise of the Tomb Raider or Just Cause 3, there’s a lot of anxiety that Denuvo spells the end of cracked big-budget games.

The Anti-Piracy Tech That’s Giving Hackers Fits

This doesn’t surprise Andy Maxwell, a reporter at TorrentFreak.

“Some pirates have a tendency to panic,” said Maxwell. “After all, something like Denuvo’s latest iteration upsets their assumption that their next game is coming for free. While some people can’t afford to pay and will always pirate, I think a lot of pirates are too impatient to wait months for a crack.”

If Denuvo is able to keep slowing pirates down, Maxwell says that’s a huge win for the game companies.

“The key here is to break pirates’ motivation,” he said.

To him, that doesn’t involve merely delaying a crack. It’s also about making games cheaper, more accessible and consumer-friendly. A lack of demos is a sore point, for example. (I’m with him there.) For most people, the end goal is to play a video game.

“The last thing gamers want to do is screw around trying to get a cracked game to work when they could be having fun,” he said. “Some people like that challenge, millions don’t.”

Just Cause 3 will be cracked at some point, and so will Rise of the Tomb Raider. The question is what happens in a world where people don’t know when that will happen. Will sales go up, as pirates grumble and buy real copies? Or are people willing to wait? Even Electronic Arts’ new cutesy platformer, Unravel, has Denuvo’s protection. It may not be long before most games do.

“Rules are there to be broken,” said Maxwell. “History tells us that when the motivation is there, pirates will eventually catch up.”

Art Credit: Sam Woolley


93 responses to “The Anti-Piracy Tech That’s Giving Hackers Fits”