Firmware, unlikely. Rootkit, probably. The most likely attack is plain old malware. Attacks relying on those security features being disabled are uncommon.
However! If a malicious actor says "hey here’s a guide to defeat denuvo on the latest game, and here’s the crack’, and the guide tells you to disable certain security features, the crack can contain malware specifically crafted to exploit that scenario. It’s one of the reasons that guides saying “disable uac, disable antivirus, run as admin” are a huge bright red flag.
Firmware, unlikely. Rootkit, probably. The most likely attack is plain old malware. Attacks relying on those security features being disabled are uncommon.
However! If a malicious actor says "hey here’s a guide to defeat denuvo on the latest game, and here’s the crack’, and the guide tells you to disable certain security features, the crack can contain malware specifically crafted to exploit that scenario. It’s one of the reasons that guides saying “disable uac, disable antivirus, run as admin” are a huge bright red flag.