Piracy is a real problem for indie studios and even big developers who earn revenue through sales of legit copies alone. But FlightSimLabs is going to extreme lengths to prevent piracy.
The company which specializes in developing add-ons for flight simulators, has been found guilty of embedding malware in its A320-X module as an anti-piracy tool. The company claims that the malware, which is capable of stealing usernames and passwords from a users’ web browser, is only used against pirates who have illegally downloaded the module.
The incident was first spotted by Reddit user crankyrecursion who wrote:
“Using file ‘FSLabs_A320X_P3D_v188.8.131.52.exe’ there seems to be a file called “test.exe” included. This .exe file is from http://securityxploded.com and is touted as a “Chrome Password Dump” tool, which seems to work- particularly as the installer would typically run with Administrative rights (UAC prompts) on Windows Vista and above…Can anyone shed light on why this tool is included in a supposedly trusted installer?”
Turns out the test.exe file is nothing but a malware capable of stealing a user’s login credentials. When news about the discovery reached FlightSimLabs chief Lefteris Kalamaras, he released a statement which said:
“We were made aware there is a Reddit thread started tonight regarding our latest installer and how a tool is included in it, that indiscriminately dumps Chrome passwords. That is not correct information- in fact, the Reddit thread was posted by a person who is not our customer and has somehow obtained our installer without purchasing…[t]here are no tools used to reveal any sensitive information of any customer who has legitimately purchased our products. We all realize that you put a lot of trust in our products and this would be contrary to what we believe. There is a specific method used against specific serial numbers that have been identified as pirate copies and have been making the rounds on ThePirateBay, RuTracker and other such malicious sites”.
In simpler terms, the company installed a password stealing malware on all of its users’ machines, whether they were pirates or not, but claimed to only activate it when it determined that the person using the software obtained it via illegal means. Additionally, Kalamaras revealed that the information obtained from the pirates’ machines was to be used in court or other legal processes.
Even though the company claims that the tool was only used against pirates, there is absolutely no substantial evidence towards their claims. As another Reddit user points out, “Nobody can guarantee how the malware behaves that they installed.”
Following that, the company seems to have had a change of heart and started redirecting users to a new installer which didn’t include the malware. Kalamaras in an updated statement said, “I want to reiterate and reaffirm that we as a company and as flight simmers would never do anything to knowingly violate the trust that you have placed in us by not only buying our products but supporting them and FlightSimLabs”.