Kernel Level Anti-Cheats: Difference between revisions
Revised last paragraph under Security concerns. Added links pertaining to kernel-level anticheats to Helldivers 2 and Rainbow Six Siege as an example of Linux gamers being unable to launch the game. |
Line 18: | Line 18: | ||
This is not a purely hypothetical scenario; it has already taken place in an incident with the popular {{Wplink|Gacha game|gacha}} co-op adventure [[Genshin Impact|''Genshin Impact'']], where the game's anti-cheat '''mhyprot2.sys''<nowiki/>' was hijacked by malicious actors to disable users' anti-virus software, with the intent of distributing {{Wplink|ransomware}}.<ref>{{Cite web |last=Soliven |first=Ryan |last2=Kimura |first2=Hitomi |date=2022-08-24 |title=Ransomware Actor Abuses Genshin Impact Anti-Cheat Driver to Kill Antivirus |url=https://www.trendmicro.com/en_us/research/22/h/ransomware-actor-abuses-genshin-impact-anti-cheat-driver-to-kill-antivirus.html}}</ref> | This is not a purely hypothetical scenario; it has already taken place in an incident with the popular {{Wplink|Gacha game|gacha}} co-op adventure [[Genshin Impact|''Genshin Impact'']], where the game's anti-cheat '''mhyprot2.sys''<nowiki/>' was hijacked by malicious actors to disable users' anti-virus software, with the intent of distributing {{Wplink|ransomware}}.<ref>{{Cite web |last=Soliven |first=Ryan |last2=Kimura |first2=Hitomi |date=2022-08-24 |title=Ransomware Actor Abuses Genshin Impact Anti-Cheat Driver to Kill Antivirus |url=https://www.trendmicro.com/en_us/research/22/h/ransomware-actor-abuses-genshin-impact-anti-cheat-driver-to-kill-antivirus.html}}</ref> | ||
Another perfect example is Hotta Studios' Tower of Fantasy game. Users have reported that the kernel-level anticheat 'ksophon_x64.sys' has caused BSOD along with the DPC_WATCHDOG_VIOLATION. This | Another perfect example is Hotta Studios' Tower of Fantasy game. Users have reported that the kernel-level anticheat 'ksophon_x64.sys' has caused BSOD along with the DPC_WATCHDOG_VIOLATION. This incident occurs when the game is uninstalled, launched, closed, or even running before the new publisher Perfect World Games. As of now, since the update by the company, the file doesn't appear to exist in System32/drivers. | ||
==Further reading== | ==Further reading== | ||
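Review bot: The sentence added to the Tower of Fantasy paragraph has no source, while the Genshin Impact paragraph directly above it carries a <ref> for its claim; please cite a user report or publisher statement for the BSOD and for the file no longer being present in System32/drivers. The phrase "or even running before the new publisher Perfect World Games" is ambiguous: it reads as if the crashes predate the publisher change, but that is not actually stated. "As of now" should be replaced with a date or game version so the statement does not go stale. This paragraph also describes a stability fault (DPC_WATCHDOG_VIOLATION), not abuse of the driver by a third party as in the paragraph before it, so "Another perfect example" overstates the parallel; a neutral lead that names the risk as system instability would fit better.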
Line 26: | Line 26: | ||
*Riot Games' Valorant uses an in house kernel-level anticheat called [https://support-valorant.riotgames.com/hc/en-us/articles/360046160933-What-is-Vanguard Vanguard] | *Riot Games' Valorant uses an in house kernel-level anticheat called [https://support-valorant.riotgames.com/hc/en-us/articles/360046160933-What-is-Vanguard Vanguard] | ||
*Kuro Games' Wuthering Waves uses a kernel-level anticheat called ACE (Anti-Cheat Expert) since launch. | *Kuro Games' Wuthering Waves uses a kernel-level anticheat called ACE (Anti-Cheat Expert) since launch. | ||
*Hotta Studios' Tower of Fantasy's history of kernel-level anticheat caused BSOD and would stay even after uninstalling the game. | *Hotta Studios' Tower of Fantasy's history of kernel-level anticheat caused BSOD and would stay even after uninstalling the game. | ||
* | *Ubisoft developer refused letting Linux gamers launch [https://r6fix.ubi.com/projects/RAINBOW6-SIEGE-LIVE/issues/LIVE-59642 Rainbow Six: Siege] due to kernel-level anticheat. | ||
*Arrowhead Game Studios' Helldivers 2 uses a kernel-level anticheat called nProtect GameGuard. | *Arrowhead Game Studios' Helldivers 2 uses a kernel-level anticheat called [https://www.reddit.com/r/Helldivers/comments/19dp2qw/helldivers_2_nprotect_gameguard_anticheat/ nProtect GameGuard]. | ||
==References== | ==References== |
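Review bot: The new Rainbow Six: Siege bullet breaks the pattern of the other list items, which name the developer, the game and the anti-cheat product. It names no anti-cheat, and "Ubisoft developer refused" is a claim about intent that the linked issue-tracker entry would have to support explicitly. Suggest rewording it to the list's form and stating only what the linked issue shows. In the Helldivers 2 bullet, the link on nProtect GameGuard goes to a Reddit thread, whereas the Vanguard bullet links to the vendor's own support page; a publisher or vendor page would be a stronger source if one exists. The edit summary says both links illustrate Linux gamers being unable to launch the game, but the Helldivers 2 bullet text says nothing about Linux, so either add that statement with its source or adjust the summary.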