this post was submitted on 11 Jan 2025
37 points (93.0% liked)

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ

55790 readers
369 users here now

⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.

Rules • Full Version

1. Posts must be related to the discussion of digital piracy

2. Don't request invites, trade, sell, or self-promote

3. Don't request or link to specific pirated titles, including DMs

4. Don't submit low-quality posts, be entitled, or harass others



Loot, Pillage, & Plunder

📜 c/Piracy Wiki (Community Edition):


💰 Please help cover server costs.

Ko-Fi Liberapay
Ko-fi Liberapay

founded 2 years ago
MODERATORS
 

Today I was trying to download Affinity Photo 2 from the websites listed on the megathread, as normally I do exactly that and everything goes just fine.

But when scanning the downloaded files. Windows Defender detected it as hacktool.win32.keygen and malwarebytes as Generic.Malware.AI.DDS.

In the case of Windows, I am guessing that it is not detecting a virus but the actual crack right? That's what that means as far as I'm aware. But what surprised me was malwarebytes, it has sometimes warned about cracks but it's not something it does often, and I don't recognize the detection code, but it seems to be using AI to detect malware now?

Is this something that is known to happen? Malwarebytes AI seems to be detecting cracks as malware... Or is this actually a virus?

I put it in quarantine just in case, but I am guessing this has to be false positives, as it happened with 2 different downloads from 2 different websites.

VirusTotal results also flagged it as "malware", but seems to be also detecting the crack. https://www.virustotal.com/gui/file/127540f7b3558a94f6e8a4ce9c695231e8715e20a17da4584d5df99035a79d49/detection

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 44 points 2 weeks ago (7 children)

I'm not saying it is or is not a false positive, so please read the rest of my comment with that in mind.

But, that said, this is not new: AV has triggered on cracks and cheat software and similar stuff since forever.

The very simplified explanation is that the same things you do to install a rootkit, you do to cheat in a game with or crack software DRM.

Bigger but, though: cracks and game cheats have also been a major source of malicious software for just as long, so like, it's also entirely likely that it's a good catch, too.

[–] [email protected] 4 points 2 weeks ago (6 children)

I'm aware of that, I don't feel like installing it honestly. I might look for other downloads later. I suspect it's just the crack because it detected the same from two different downloads on reputable websites on this community.

Honestly I think i should start using vm's to run pirated software, not games, I have never haved problems with those since I'm already pretty experienced when it comes to that, but software has always felt more awkward to install. A VM could help with these situations where I'm not really sure if it's just the crack or actually malware.

[–] [email protected] 1 points 1 week ago

You could always take the performance hit and install it on a virtual machine. I've even heard of people who have an APU (CPU and GPU on the same chip) along with a discrete GPU, or just two GPU's, and they run the base operating system on the weaker GPU then run the VM and dedicate the entire good GPU to it, which gets near to bare metal performance allegedly.

load more comments (5 replies)
load more comments (5 replies)