Genshin Impact: Difference between revisions

Line 7:

| Logo = Genshin Impact.png

}}

'''{{wplink|Genshin Impact|Genshin Impact}}''' is an ''{{wplink|Always-on_DRM|always online}}'' open world free-to-play action role-playing video game developed by {{wplink|MiHoYo|MiHoYo}}.

'''{{wplink|Genshin Impact|Genshin Impact}}''' is an ''{{wplink|Always-on_DRM|always online}}'' open world free-to-play action role-playing gacha video game developed by {{wplink|MiHoYo|MiHoYo}}.

==Consumer impact summary==

*'''Privacy:''' Genshin Impact despite primarily being a single player title with some co-op elements utilises [[Kernel level anti-cheats|kernel level anti-cheat]].

*'''Control:''' Users must have the anti-cheat running while playing the game. Prior to a September 2020 update, it also remained running after the game was closed or uninstalled.<ref>{{Cite web |date=28 Sep 2020 |title=About Our Anti-Cheat System (Updated) |url=https://genshin.hoyoverse.com/en/news/detail/103720 |url-status=live |archive-url=https://web.archive.org/web/20230201114443/https://genshin.hoyoverse.com/en/news/detail/103720 |archive-date=1 Feb 2023 |access-date=22 Sep 2025 |website=Genshin Impact}}</ref>

*'''Security:''' Kernel level anti-cheats, have the highest amount of privilege on the running machine — and the greatest vulnerability should it be hacked.

==Incidents==

~~{{Main|~~Genshin Impact anti-cheat}}

~~Genshin Impact uses kernel~~-~~level~~ (~~Ring 0~~) ~~anticheat, which provides full access to system resources.~~ In 2022, ~~the~~ anti-cheat ~~driver mhyprot2.sys~~ was used ~~by hackers to bypass all privileges and deliver~~ {{Wplink|ransomware}}.<ref>https://www.trendmicro.com/en_us/research/22/h/ransomware-actor-abuses-genshin-impact-anti-cheat-driver-to-kill-antivirus.html</ref>

===Genshin Impact anti-cheat used to bypass anti-virus in ransomware attack (''August 2022'')===

In 2022, Genshin Impact's anti-cheat was used in a {{Wplink|ransomware}} attack vector. This was originally reported on by TrendMicro.<ref>{{Cite web |last=Soliven |first=Ryan |date=24 Aug 2022 |title=Ransomware Actor Abuses Genshin Impact Anti-Cheat Driver to Kill Antivirus |url=https://www.trendmicro.com/en_us/research/22/h/ransomware-actor-abuses-genshin-impact-anti-cheat-driver-to-kill-antivirus.html |url-status=live |archive-url=https://web.archive.org/web/20250918100139/https://www.trendmicro.com/en_us/research/22/h/ransomware-actor-abuses-genshin-impact-anti-cheat-driver-to-kill-antivirus.html |archive-date=18 Sep 2025 |access-date=22 Sep 2025 |website=TrendMicro}}</ref> During this period of vulnerability, Genshin Impact's anti-cheat was utilized to bypass anti-virus software, allowing attackers to remotely deploy ransomware payloads to an affected user's computer.

Genshin Impact's public relations team, Hoyoverse PR, responded to multiple news outlets with a generic answer that seemed to confirm the validity of the claims by TrendMicro.<ref>{{Cite news |last=Bolding |first=Jonathan |date=28 Aug 2022 |title=Ransomware abuses Genshin Impact's kernel mode anti-cheat to bypass antivirus protection |url=https://www.pcgamer.com/ransomware-abuses-genshin-impacts-kernel-mode-anti-cheat-to-bypass-antivirus-protection/ |url-status=live |access-date=22 Sep 2025 |work=PCGamer |pages=1}}</ref><ref>{{Cite web |last=Toulas |first=Bill |date=25 Aug 2022 |title=Hackers abuse Genshin Impact anti-cheat system to disable antivirus |url=https://www.bleepingcomputer.com/news/security/hackers-abuse-genshin-impact-anti-cheat-system-to-disable-antivirus/ |url-status=live |access-date=22 Sep 2025 |website=Bleeping Computer}}</ref>

==Further reading==

@@ Line 7: / Line 7: @@
 | Logo = Genshin Impact.png
 }}
-'''{{wplink|Genshin Impact|Genshin Impact}}''' is an ''{{wplink|Always-on_DRM|always online}}'' open world free-to-play action role-playing video game developed by {{wplink|MiHoYo|MiHoYo}}.
+'''{{wplink|Genshin Impact|Genshin Impact}}''' is an ''{{wplink|Always-on_DRM|always online}}'' open world free-to-play action role-playing gacha video game developed by {{wplink|MiHoYo|MiHoYo}}.
+==Consumer impact summary==
+*'''Privacy:''' Genshin Impact despite primarily being a single player title with some co-op elements utilises [[Kernel level anti-cheats|kernel level anti-cheat]].
+*'''Control:''' Users must have the anti-cheat running while playing the game. Prior to a September 2020 update, it also remained running after the game was closed or uninstalled.<ref>{{Cite web |date=28 Sep 2020 |title=About Our Anti-Cheat System (Updated) |url=https://genshin.hoyoverse.com/en/news/detail/103720 |url-status=live |archive-url=https://web.archive.org/web/20230201114443/https://genshin.hoyoverse.com/en/news/detail/103720 |archive-date=1 Feb 2023 |access-date=22 Sep 2025 |website=Genshin Impact}}</ref>
+*'''Security:''' Kernel level anti-cheats, have the highest amount of privilege on the running machine — and the greatest vulnerability should it be hacked.
 ==Incidents==
-{{Main|Genshin Impact anti-cheat}}
-Genshin Impact uses kernel-level (Ring 0) anticheat, which provides full access to system resources. In 2022, the anti-cheat driver mhyprot2.sys was used by hackers to bypass all privileges and deliver {{Wplink|ransomware}}.<ref>https://www.trendmicro.com/en_us/research/22/h/ransomware-actor-abuses-genshin-impact-anti-cheat-driver-to-kill-antivirus.html</ref>
+===Genshin Impact anti-cheat used to bypass anti-virus in ransomware attack (''August 2022'')===
+In 2022, Genshin Impact's anti-cheat was used in a {{Wplink|ransomware}} attack vector. This was originally reported on by TrendMicro.<ref>{{Cite web |last=Soliven |first=Ryan |date=24 Aug 2022 |title=Ransomware Actor Abuses Genshin Impact Anti-Cheat Driver to Kill Antivirus |url=https://www.trendmicro.com/en_us/research/22/h/ransomware-actor-abuses-genshin-impact-anti-cheat-driver-to-kill-antivirus.html |url-status=live |archive-url=https://web.archive.org/web/20250918100139/https://www.trendmicro.com/en_us/research/22/h/ransomware-actor-abuses-genshin-impact-anti-cheat-driver-to-kill-antivirus.html |archive-date=18 Sep 2025 |access-date=22 Sep 2025 |website=TrendMicro}}</ref> During this period of vulnerability, Genshin Impact's anti-cheat was utilized to bypass anti-virus software, allowing attackers to remotely deploy ransomware payloads to an affected user's computer.
+Genshin Impact's public relations team, Hoyoverse PR, responded to multiple news outlets with a generic answer that seemed to confirm the validity of the claims by TrendMicro.<ref>{{Cite news |last=Bolding |first=Jonathan |date=28 Aug 2022 |title=Ransomware abuses Genshin Impact's kernel mode anti-cheat to bypass antivirus protection |url=https://www.pcgamer.com/ransomware-abuses-genshin-impacts-kernel-mode-anti-cheat-to-bypass-antivirus-protection/ |url-status=live |access-date=22 Sep 2025 |work=PCGamer |pages=1}}</ref><ref>{{Cite web |last=Toulas |first=Bill |date=25 Aug 2022 |title=Hackers abuse Genshin Impact anti-cheat system to disable antivirus |url=https://www.bleepingcomputer.com/news/security/hackers-abuse-genshin-impact-anti-cheat-system-to-disable-antivirus/ |url-status=live |access-date=22 Sep 2025 |website=Bleeping Computer}}</ref>
 ==Further reading==