
Capcom's Streetfighter rootkit capcom.sys signed by a still valid Symantec cert - 0x0
https://twitter.com/TheWack0lian/status/779639651795603457
======
FrozenVoid
People ask me why I only play 'old games'. This shit modern companies do with
DRM and anti-cheating (like e.g. GameGuard and similar invasive 'drivers')
can't be trusted - it's invasive, hidden deep in EULA excuses and
closed-source. Such "root-level" software could arrive in your favorite game as
an update with a vague note of "enhanced cheater detection". They had to roll back
after backlash and exposure:
http://www.theregister.co.uk/2016/09/23/capcom_street_fighter_v/

------
0x0
So, because the driver is signed and valid and trusted by all normal Windows
installations, it would seem there's nothing stopping malware authors from
bundling this capcom.sys for an easy rootkit kernel driver, even if you've
never had anything to do with the actual game.

