FlightSimLabs is a developer of a flight simulator game. FlightSimLabs seems to be in a very difficult position to explain why its software contained malware that could intercept passwords from user browsers.
The game code allegedly contained a mechanism for detecting pirated serial numbers of the game being distributed through Pirate Bay. If the code detected a pirated copy, it triggered a process by which the company stole user names and passwords from users' browsers.
Anti-piracy systems and DRMs are known, but what FlightSimLabs thought would most likely remain in history as one of the most outrageous.
It all started yesterday on Reddit when Flight Sim user 'crankyrecursion' mentioned FlightSimLabs module A320X.
"Using the 'FSLabs_A320X_P3D_v220.127.116.11.exe' file, there appears to be a file called 'test.exe'," wrote the crankyrecursion.
This .exe file comes from the Securityxploded.com page which describes it as a 'Chrome Password Dump tool.' This tool seems to work because the installer usually runs with administrator privileges (UAC prompts). Can anyone tell us why this tool is included in a supposedly secure installer? ”
Let's look at what the head of the company said, who seems to be a Greek:
FlightSimLabs Officer Lefteris Kalamaras said in a post at forum the company's:
"We know there's a thread on Reddit that started tonight about our latest installer and how it includes a tool that indiscriminately records Chrome passwords. That's not right, in fact, the thread on Reddit was posted by someone who is not our customer and has somehow acquired our installer without buying it. "
"There is a specific method used for specific serial numbers that have been identified as pirated copies and are circulating on ThePirateBay, RuTracker and other similar malicious sites."
In short, FlightSimLabs installs a password dumper on all user systems, whether pirated or not, and activates the tool when it detects that the game is running under specific pirated serial numbers.
"Test.exe is part of DRM and only addresses specific pirated copies of software that are copyrighted and obtained illegally. This program works temporarily and is never used in legal copies of the product "said Kalamaras.
Continuing the FlightSimLabs officer said that information obtained from pirates' systems in this way is likely to be used in court or other legal proceedings.
Finally, after the event was published (we found it at TorrentFreak) Mr. Kalamaras said:
"While the majority of our clients understand that the fight against piracy is a difficult and ongoing battle that sometimes requires drastic action, we realize that some of you are concerned about this particular method which may be considered somewhat difficult. That's why we uploaded an updated installer that does not include this DRM control file. ”