I downloaded a cracked install from tpb (haxnode). It was a loader exe that loaded the original exe and supposedly removed the drm in RAM. It required admin permissions, I didn’t trust it, but i ran in a vm and nothing happened.
Then i told myself “i have microsoft defender and windows firewall control, they will warn me” and I ran it in my main laptop, and still nothing happened. Like, literally nothing happened. The original program would not start. It would simply exit. Nothing. The other 6 almost identical torrents from the same uploader but with a different program version had a similar result. I gave up.
Then i reboot, and firstly i notice a couple DOS prompts flashing on the screen, and windows firewall control asking me if “aspnet_compiler.exe” is allowed to access the internet or not.
Suspicious, i go to check that “aspnet_compiler.exe” and it’s located in the .net system folder, i scan it with microsoft defender and it doesn’t report as a virus. I do not pay attention to the fact that it doesn’t have a valid Microsoft signature, and i tell myself “probably just a windows update” and i whitelist it on the firewall.
After a few hours I realize “wait a minute: it’s impossible that an official windows exe isn’t signed by microsoft!” I go back to scan it, not infected… or it looks like, defender says “ignored because in whitelist”. What? The “loader” put c:* in the whitelist!
The “crack loader” wasn’t a virus per se. It dropped an obfuscated batch in startup, which had a base64 encoded attachment of the actual malware, that was copied in the .net framework directory with unassuming names…
And this for a $60 perpetual license program that i should buy anyway because it’s for work
Let’s say you are a graphics designer. You use Adobe Illustrator and you pirate it. You work for Innertrode either as a contractor or a full time employee. You make their new logo.
Adobe’s legal team are bored. They see that new logo. They know it was made with Illustrator because of some of the visual quirks/tools (or, you know, because it is anything graphical so of course it uses Adobe). They know that Innertrode doesn’t have a license. So they call up Lumberg and say “what the fuck?”.
Lumberg then calls the person who was in charge of the new logo and they point at you.
If you are staff? You were given training not to pirate anything. It is all your fault. Innertrode buys a few years of a license and apologizes and fires your ass and makes sure to tell everyone they know about you. Or you are a contractor and you signed an agreement saying you had valid licenses for everything and they just give your contact info to Adobe and move on.
And Adobe MIGHT just want to shake you down. Or they might want to make an example and sue the fuck out of some people.
Also… it is a lot of hearsay for obvious reasons, but there are very strong rumors that some of the more prominent cracks tend to add digital watermarks for the purpose of automating this.
Not quite but a possibility answer.
Lot of software gets embedded tracking software where it does a few things to see if it’s tampered with and reports back along with a lot of details. It’s kind of sweet how you can dig in and see where exactly where that computer lives and how it can triangulate exactly where it is even over a VPN.
I happened to work with this software at one point…… lot of companies actually don’t unless there is a business using the software or it’s super expensive think 10k+ per seat or you see a hot spot. Not worth the effort.
Other side of the coin I was a Desktop Eng many moons ago. We would do reporting on all of the systems in SCCM and what’s installed on them and compare to a know good list of applications every so often to minimize legal risk to the business.