• OsrsNeedsF2POP
    link
    fedilink
    arrow-up
    10
    ·
    edit-2
    2 years ago

    Malware distributors can use the Genshin kernel module to distribute their viruses and totally wreck your PC. Antimalware will not catch it. The kernel module is also signed by Microsoft, making it extremely easy to install on a victim’s computer.

  • AgreeableLandscape
    link
    fedilink
    arrow-up
    7
    ·
    edit-2
    2 years ago

    Not defending kernel mode anticheats, but I think the bigger problem here is Windows’s Swiss cheese level kernel module management. Because apparently this whole fiasco is because the kernel module in question is “verified” by Microsoft, so it doesn’t need admin/UAC authorisation to install, a machanic which this malware exploits.

    More discussion here: https://infosec.exchange/@r000t/108890918411908350

  • Helix 🧬@feddit.de
    link
    fedilink
    arrow-up
    6
    ·
    2 years ago

    And all because server side anticheat is too expensive for them to host. I mean, what does the Kernel based anticheat really give the players? It only benefits the company so they can make more money with fewer resources.

  • poVoq
    link
    fedilink
    arrow-up
    5
    arrow-down
    1
    ·
    edit-2
    2 years ago

    deleted by creator

  • FuckBigTech347@lemmygrad.ml
    link
    fedilink
    arrow-up
    3
    ·
    2 years ago

    Knew something like this would happen eventually. At some point in the future every anti-cheat that uses kernel modules will have at least one vulnerability like this discovered. Calling it now.