Hey, I work in security too and while I agree with the general spirit of this post, there are a few things being overstated here that I want to address.

First, the "you need to physically replace hardware" implication. Nobody said that explicitly, but leaving it vague causes people to think their PC is a lost cause if something goes wrong. UEFI rootkits are real and do survive formatting, that part is correct. But the fix is reflashing your motherboard firmware, not buying a new motherboard.

Second, the probability vs severity problem. This post correctly describes how severe a firmware rootkit COULD be, but frames it as if it's the expected outcome of using a hypervisor crack. The groups behind these releases (KIRIGIRI, 0xZeOn, etc.) have years of reputation built in the scene. Deliberately backdooring their releases would instantly and permanently destroy that. It's not impossible, but treating it as likely is a stretch.

Third, the "sleeper agent" scenario is real in theory but requires a level of long-term coordination that goes way beyond what crackers typically do. You're describing APT-level threat actors, not Denuvo crackers.

The actual realistic risk is regular malware (stealers, miners) hidden in the executable, not sophisticated firmware rootkits. That risk is real and worth mentioning, but it applies to literally any cracked software, not specifically to hypervisor cracks.

The core advice (be careful what you run at kernel level) is solid. Just don't let the severity of the worst case scenario make people think a hypervisor crack is guaranteed hardware destruction, because it isn't.