Lose/Lose Indie Game Declared A Trojan

What strange fame.

IndieGames have a really interesting story about Symantec’s response to Zach Gage’s indie game, Lose/Lose, that Kieron wrote about here. The impish game’s a shmup that deletes files from your computer every time you shoot an enemy ship. Which is something anti-virus computer-protecting Symantec have now identified as a threat, and labelled it a trojan.

At the moment Symantec are only identifying it as a risk for Macs, and only referring to Lose/Lose as a Mac game. Either this is just their Mac portal, or they aren’t aware it’s on PC too. Or perhaps I’ve missed the PC-equivalent announcement. But the point is, Lose/Lose now even has a virus codename: OSX.Loosemaque. Now that’s a badge few developers can claim.

Symantec do recognise that it’s a game, and importantly in their video (below) they recognise that Gage goes to great lengths to make it clear that the game will delete your files. Their given reason for considering this warning not enough is interesting:

“There’s nothing stopping someone with more malicious intentions from modifying it slightly and then passing it on to unsuspecting users, causing significant damage to a computer.”

That’s presumably true. But can you label something that openly declares it deletes files a “threat”? Could you say the same of any respectable legitimate application used to format your hard drive? Or does Lose/Lose’s mischievous nature put it in another category? The game is definitely damaging to your computer, and saying that it is doesn’t mean it does any less damage when played.

This ambiguity is perhaps unfairly removed when you visit the threat’s page on the Symantec site. Here it is simply described as:

“OSX.Loosemaque is a Trojan that appears to be a video game, but deletes files from the home folder when a user plays it.”

Which is completely true, of course. But rather missing some significant nuance. When you go for further details it gets deeper into the oogie-boogie language.

“The Trojan may arrive on the computer as a application folder with the following name: lose lose.app

When executed the user is presented with a video game.”

Presumably the fear is someone sends the file to their buddy who is unaware, and runs it. Or presumably this general language takes into account the feared potential changes that would remove the warnings. The Symantec description concludes:

“When the user character is destroyed, the game ends, and the Trojan sends the user’s score to the following server, then deletes itself from the compromised computer”

Having not played the game (obviously) I’m not sure if this last part is definitely the case. Does it really delete itself like a sneaky virus might? (It seems it does.) So what do you think? Are Symantec right to label this as malware? Or is it artistic expression being misunderstood and unfairly victimised?

Whatever the case, it’s certainly great publicity for the game that’s just been nominated entered itself for next year’s IGFs. We’ve contacted Gage to see what he thinks. All credit to IndieGames for the story. And you can watch the Symantec video below. (It’s fun hearing the game referred to as a “threat”.)

93 Comments

  1. Psychopomp says:

    “There’s nothing stopping someone with more malicious intentions from modifying it slightly and then passing it on to unsuspecting users, causing significant damage to a computer.”

    They’ve got a very good point.

    • Nathan says:

      Surely the same could be said of any number of programs? I could modify your web browser such that it would delete your entire user folder, but this isn’t a negative quality that could be attributed to the /browser/.

    • pepper says:

      This does happen, and i can see where they are coming from, and there users expect them to identify programs that have these kind of intentions.

      With that said, i think labeling a game that clearly tells the user it will delete stuff as a virus is going a bit over the top. Although many users have shown a click-without-reading behavior in multiple studies, im quite sure the techies around here have experience with these kind of people.

    • zipdrive says:

      Nathan, people aren’t likely to install a browser you send them, though.

      Pepper: Indeed. In one experiment a security expert bought google ads that said something along the lines of: “Is your computer clean from viruses? Click here to infect it”… 419 clicked the infectious ad.

  2. Lilliput King says:

    “Having not played the game (obviously) I’m not sure if this last part is definitely the case. Does it really delete itself like a sneaky virus might?”

    I believe so.

    Incidentally, I’d suggest their labelling of the game as a virus probably has more to do with their userbase than the game. It’s not unfair for a user to assume that with a protection package they were safe from internet harm, and hold it against Symantec if errors did occur, even if they were fairly warned. I doubt they would have picked up on it as a virus if they hadn’t received some complaints to that effect.

  3. Gap Gen says:

    Hell, you can write a line of code that deletes you entire home directory anyway*. I don’t believe that anyone would really modify this to do any more damage to your files than it already does.

    *On a Mac, open Terminal and type “rm -rf ~”

  4. hedgey says:

    other than that it already does quite significant damage.

  5. Vinraith says:

    When I first read about it I thought it sounded like malware, I don’t think labeling it as a threat is at all unreasonable.

  6. Lambchops says:

    This game getting nominated for an IGF award would be even more stupid than the inclusion “You have to Burn the Rope” last year. There’s so many more deserving titles out there.

    • jameskond says:

      Well it’s a form of art and just like with silly paintings that are easy to make and lack any kind of skill it’s still ‘art’ and it makes you think about the art piece and the question ‘What is art?’ and ‘Is this art?’

  7. Namey says:

    I can definitely see where this is coming from. While the game itself doesn’t intend to be malicious, it can be misused. Either by somebody intentionally using it harmfully against someone, or just by people being quite thick.

    • Railick says:

      The game itself DOES intend to be malicious, that is the entire point of the game and what it sets out to do and it does it well.

  8. LewieP says:

    Mission accomplished surely?

  9. rocketman71 says:

    Symantec stopped being a decent antivirus company the moment it stopped showing Norton crossing his arms on the cover of their products.

  10. LewieP says:

    I’m sure I heard some Vista users say that it classes certain games a malware too (Starforce) and refuses to install them. I could be wrong here, having never used Vista or Starforce games. Confirm/deny?

    • Psychopomp says:

      A big ol’ deny.

    • Kid A says:

      Uhm, not entirely deny, actually. Starforce was automatically blocked out by Vista for a while on a lot of older/unpatched games. I still can’t play Spellforce 2 on Vista because a fix was never released for that, for example. It’s not that Vista isn’t blocking Starfarce, it’s just that it’s not telling you it’s doing so to stop it “threatening” your computer.

  11. merc says:

    What’s it getting an award for, least playable game ever?

  12. Alan Hazelden says:

    I’m pretty sure this is just available for OS X. There’s only one download link on the website, and no exe files in there.

  13. G says:

    In the same update Symantec have declared the delete key as malware.

  14. DMcCool says:

    Does it annoy anyone else what a bad rap Trojans get? Why aren’t malacious files that sneak into your computer called “Greeks”? Or, at least, “horses”? Poor Trojans.

    That aside, I’m not sure how I should feel about this. Isn’t this just the equivilent of a Chris Burden installation being declared a health and safety issue?

  15. Railick says:

    It is kind of odd that they are called Trojan horses instead of Greek Horses, after all the Trojans aren't the ones that built the horse or used it to sack at city (It was THEIR city) Should be call Greek Horses I agree :P

    In other news Symantec has declared Ronald Mc Donald a mass murderer.

  16. Mike says:

    I think this is really important – it should be classified as such simply because people who don’t know what the game does have to be made aware of it properly. People are stupid – that’s one of the things Symantec have to protect against.

  17. DJ Phantoon says:

    In other news, Trojan Co., one of the world’s leading condom manufacturers has placed a protest to the internet stating, “Our product does not allow unprotected intrusiveness. That is quite contrary to its use. Please stop using the Trojan name as a term for invasive malware. Thank you.”

  18. futage says:

    I imagine (and hope) this reaction will please the artist, as it makes explicit some of the questions this game was asking.

    I don’t think what Symantec labelling it as they have is (given their role) unreasonable (certainly not victimisation of artistic expression) but I do think it’s utterly unreasonably that their description did not explain that this is a very different thing to the countless other items they flag up as malware or whatever.

  19. h4plo says:

    This is really a rather interesting situation to me. Without having read about lose/lose before, it almost seems like the intent must have been to get it classified as malware. Even if not, this works our very well for the developer – this not only draws a great deal of attention to the game as being, more or less, “the first of its kind,” but it also legitimizes the game as being something more than a /game/. I think that’s pretty important for a piece of work like lose/lose; aside from the shooty-spaceship part of the game, it fundamentally does more than other games do – it actually changes your computer – and I can’t imagine the developers being content with labeling this as a “game.”

    Virus-game? Malgameware? I have no idea. But to answer the question, yes, I believe Symantec acted appropriately. Primarily because I agree with the other posters in that Symantec has a responsibility to not allow exactly this sort of thing from happening to a computer, but also because .. well, who really takes messages like the one at the start of the game seriously? Sure, it takes place outside of the actual game, but it sounds, at least initially, like as much as any sign in a game that says not to do something.

    And really, what’s the first thing any of us do when we see a sign that says to go to the right?

    Why, go left of course.

  20. Peter says:

    “There’s nothing stopping someone with more malicious intentions from modifying it slightly and then passing it on to unsuspecting users, causing significant damage to a computer.”

    Can’t you do that with any other game? Any program can be modified slightly and then passed on to unsuspecting users, why would someone do that with something that warns you it will delete files?

  21. Vander says:

    Whoever the dumb shits are that play this, deserve whatever they get as a result.

  22. Taillefer says:

    “IGF judges, remember to play this one last.”

    • Taillefer says:

      “Lose/Lose literally destroyed all other competition.”

  23. Persus-9 says:

    I too think it’s fair enough. If you know what it is then you can just override the warning. If you don’t know what it is then to be honest it’s probably best if you check that out before you play the game. I can easily imagine people being incredulous of the in game warning and playing it on the assumption that it was just a joke. Now if Apple did this then I might get annoyed because I hate it when operating systems get above themselves and start acting like babysitters rather than servants but it strikes me that if you’re buying anti-virus software off Symantec then this is exactly the kind of nannying you probably want.

  24. Weylund says:

    People playing it on corporate systems.

    Yes, it needs to be a threat, as security is more often than not *not* at the discretion of the user in question. Well played Symantec.

  25. gryffinp says:

    Yeah, I’ll give this one to symantec. It is a program that fucks with your computer and people who aren’t smart enough to realize that should be told that fact. Anyone who would freak out at their AV program telling them this probably doesn’t realize what the program will do and shouldn’t play with it anyway.

  26. Ted says:

    Is there any good reason the creator of this “game” shouldn’t be kicked in the balls over and over and over again for being such a jackoff? Because I can’t think of one.

    • Taillefer says:

      Would you like me to kick you in the balls. Yes or no?

    • Klaus says:

      A jackoff? Well, anyone who creates a game that randomly deletes files off your computer without telling the user beforehand is indeed a jackoff. But the game is explained on the website, and probably in the manual, and there likely is a warning in the game. I don’t understand how someone can be a jackoff after explaining to you the consequence of your possible actions.

  27. Nick says:

    My god! This was made for the EGP’s failure contest. It deletes random files when you kill enemies, and deletes itself when you die. It’s a joke. It also warns you that it will delete your files. This is ludicrous.

  28. MrFake says:

    Because RPS and fellow gaming rags are at the forefront of informing gamers of the risks involved. Symantec rightly stepped up to the plate. Yes, this game is a threat. It is all those other things as well: a game, a piece of art, a statement, an experiment, a grab for attention, a flop, a success. But it was designed as a threat, and was released as a threat.

    Oh, wait … this must be our monthly AIM inoculation. Well, I’ll feel right as rain in a day or two.

  29. dhex says:

    i don’t blame symantec. i would hope we’d all be even more weirded out if they said something like “potential for malicious damage, but don’t worry, it’s an art game”.

    on the other hand this could lead to shirts like “fuck art, let’s backup”.

  30. KP says:

    stupid gimmick game sucks, Symantec sucks, etc

  31. Switchbreak says:

    There was a screensaver a while back that simulated the blue screen of death, and all the antivirus companies quickly jumped on it, saying someone could put it on a friend’s computer unaware and trick him into restarting and losing data. Antivirus makers can’t really afford to have senses of humor.

    • Gnoupi says:

      It was the bluescreen screensaver from sysinternals, it is flagged by antivirus, but under the “joke” label. This way, it can be prevented in workplaces (to avoid, I guess, antiproductive panics).

  32. Switchbreak says:

    The rootkit parts on old versions of StarForce don’t work anymore on Vista, though, so while those games will install they won’t run unless you crack the DRM off.

    • Switchbreak says:

      That bit was meant to be a reply to LewieP’s post up there about StarForce and Vista.

  33. vagabond says:

    That’s presumably true. But can you label something that openly declares it deletes files a “threat”? Could you say the same of any respectable legitimate application used to format your hard drive? Or does Lose/Lose’s mischievous nature put it in another category?

    If a virus popped up a small window that said “You’ve been infected by a virus, click Okay to trash your hard drive”, and then only trashed your hard drive if you clicked okay, it’s still a threat. It might not be a very competent or credible virus, but you’d still expect Symantec to detect it.

    I think the thing that makes it different from tools used to format or partition drives is that those have actual uses as tools.

    This at best can defended as “art”. But only in the same way as if you went to the art gallery and there was a velvet curtain, behind which there was a painting and the artist who painted it wearing boxing gloves. You can go behind the curtain and look at the painting, but the entire time you are there, the artist is going to be punching you. You can muse about the interesting nature of the piece in that the viewer must suffer in order to be able to appreciate the art, but at the end of the day the artist is still a cock who enjoys punching people. Also, the painting isn’t very good.

    • invisiblejesus says:

      One could simplify the entire thought process by concluding, correctly in my opinion, that Lose/Lose is a stupid game and shitty art and that there’s no good reason to have it on your computer other than being paid to talk about it, and so anything encouraging you to get this crap off of your machine is harmless at worst and a very good thing at best. Minus 50 internets for being obvious, I know, but there you go.

    • futage says:

      Except that viruses tend to get on your system without your consent/knowledge or usually any any (intentional) action on your part.

      Same with your analogy, really, it would only work if there’s a notice saying “if you open these curtains you will be punched”.

  34. Ozzie says:

    Interesting how easily people get offended by this joke game.

  35. Wulf says:

    Symantec has the ethical (not moral) high-ground here, and that’s important for an anti-malware company, whose software is primarily designed to protect unwitting computer users from being tricked into damaging their systems, which most forms of malware do.

    Anyone who’s versed on malware (as I am) knows that the infection doesn’t first happen on the computer level in most cases. With nasties that exploit overflows to execute arbitrary code and the likes, it’s true, but it’s not always the case. And given all the variables for such a virus to be successful, it’s actually rarely the case. Most infections happen first on the human level, through social engineering.

    The human is tricked by a clever bit of social engineering… the result? They click something they wouldn’t if they knew what was really going on, or they install something they wouldn’t, they execute something they wouldn’t, and so on, and a lot of shady advertising companies take advantage of this to get nasties onto a computer, too, which is why we have anti-spyware and anti-adware control systems.

    What we’re seeinig here is basically something that could easily be turned into a trick.

    An admittedly poor metaphor would be plastic toy guns in a kindergarten that shoot real bullets. A kid picks one up, pulls the bright, colourful trigger… *BAM!* Of course, this might happen if real guns were left around too. But that’s what we’re seeing here, the potential to use social-engineering to trick people into deleting files off their own system, perhaps to the point where that system would no longer boot.

    And since it’s a game, it might lower the defenses of someone who might not otherwise be tricked.

    Now, if a person is wittingly going to use the game of their own free will, with complete knowledge of what would happen, why would they be bothered by their virus scanner warning them? All scanners these days have an exceptions list, so one would merely add the game to their exceptions list then get on with destroying their computer like some batshit crazy person. If someone were to argue that Symantec shouldn’t do that… why would they do that? Logically, considering the existence of the exceptions list, I could only conclude it’s because they’d want to use it to trick someone themselves.

    A while back, there was a server/client solution that worked as malware, once the server was installed it gave complete control to the client, but it also did all it could to hide the existence of the server from the user, and the server software could be embedded in executables, and would stay executed when run. This was sold as a product (yes, really), and when virus scanners started adding the server as malware, the company complained.

    Of course, the anti-malware companies were correct in that instance, too.

    Because the primary point of a good anti-malware system is that it doesn’t just protect them from bad software, it also, to a degree, protects them from being tricked by bad software that pretends to be good, or being tricked by their friends, or anyone.

    if an anti-malware system flashes up a big, friendly message about softwre being dangerous, there are no questions. Dangerous software is dangerous. Then whether a user uses it or not is up to them. But the warning is important, the warning should be there. It’s the difference between wittingly running Lose/Lose and unwittingly running Lose/Lose. And the developer of Lose/Lose, i feel, should be supporting Symantec’s position and stance, unless he has motivations surrounding his game, too. As I said, it wouldn’t be the first time someone has paraded malware as being… well, not malware, and done it cleverly.

    No matter how you look at it, Lose/Lose is malware, it might be malware you’d wittingly want to run (exceptions list, again) but it’s still malware. It’s the job of an anti-malware system to keep one informed about malware. It really is as simple as that. I just hope Symantec don’t fold on this issue, because they are right.

  36. Angelo says:

    I sometimes doubt this is even an actual game. Has anyone even played it?

  37. Hulk Hogan says:

    I got an idea for a porno parody version of this game called Loose/Loose.

    It’d play like Custer’s Revenge but everytime you screw the lady tied to the cactus your computer would get a virus.

  38. _Nocturnal says:

    I think it simply boils down to a Symantec guy getting caught playing games during work hours and finding a great excuse to do so.

    What I find annoying is the language they use in their report. It’s not a game that deletes files, it’s a trojan that simply disguises itself as a game, they say. And that, to me, is a misleading statement. But then we go into the territory of what can be considered a game and so on.

  39. StormTec says:

    Can’t you decide what folder the game deletes files from? I mean, I remember someone mentioning that they could just use it as a fun way to empty the recycle bin by directing it to the recycle bin and playing it. Surely that’s not as bad as if it just randomly deleted files off your computer?

  40. TeeJay says:

    Win/Win

    The game, previously mentioned only in PC-gaming circles will get some column inches in the far larger mainstream PC press. stfj.net / zach gage will get a lot more hits on his portfolio from this = good result.

    Symantec get extra publicity and the game makes a visually-pleasing “what a virus does” advert. A virus alert described in abstract language is not going to get the same attention nor the same number of people who think ‘I better go out and buy Symantec virus checker’ or ‘does my current virus checker know about this programme’.

  41. mandrill says:

    Rant/

    Symantec are labelling this game as a threat to your computer? Then they might as well also lable the brain of anyone wha actually plays it as a threat to their computer. REALLY! We’ve got a gov’t that insists on nannying us when we don’t want them to, and now we’ve got a company (Who I presume people pay money to) doing that same?

    This game is dangerous. I figured that out the first time I read about it and have not let it anywhere near my computer. I don’t need the smug buggers at Symantec to tell me that. “Oh look, we’re clever, there are plenty of stupid people out there who will play this game and wonder why their computer crashes, lets identify it as something that it isn’t to make sure they don’t. Its for the children don’t cha know”

    Well you know what? If someone plays this and then wonders why they have to re-install their OS afterwards then its their own damn fault for being so stupid. It is a just punishment, and the only way they’ll learn not to be so dumb in future. Symantec are depriving the dim of a means to learn something and should be condemned for it.

    /rant over, sorry bout that. its 9am and its still dark here and I haven’t had my coffee yet. ITS STILL DARK!?!?

    • James G says:

      Well bear in mind that the person who plays the game may not also be the same person who wants to protect the computer. Many systems have multiple users, not all of them as savy as each other.

  42. Ozzie says:

    Illiterate people might be the only ones that mistake Lose/Lose as a pure game. But then, they might also not be able to figure out what Norton is trying to tell them.
    Well I don’t use Norton or need to anyway. And no one has to download and play Lose/Lose either. So, what was the controversy about?

    • Wulf says:

      Maybe, but wouldn’t it be possible to easily add a wrapper to it which would skip any warnings and go straight into the game? That’s my concern, and one which I think that a lot of people are too … I’m sorry, I can’t put this in a PC way, too computer thick to understand.

      Lose/Lose is not a danger when taken purely as Lose/Lose. Lose/Lose is a potential danger which could be used to trick people by anyone capable of adding a wrapper to it which would perform a few keypreses on launch to go straight into the game.

      Having the warning there means that no matter how Lose/Lose is misused, people will always be aware of what it’s capable of. The controversy lies in the motivations of anyone who’d think that it’s a bad idea for Symantec to warn people of possible dangers.

    • Ozzie says:

      Sure, but I would have to modify it. I mean, I could also modify Firefox and instruct it to wipe the harddrive at startup. Or tell a partition manager that it automatically reformats your partitions. Or whatever, y’know.
      Under your argument every program is a potential virus.
      So far, Lose/Lose isn’t one. It might be with modifications, but that’s the case with every program anyway.

    • Ozzie says:

      Create a new text file, name it eraser.bat.
      Open it in a text editor. Write “del *.*”. Save the file.
      There, you have a virus. Feel free to share!

    • CMaster says:

      No, what you’d have there would be at most a trojan, provided you mislabelled it.
      Anyway, part of the point from Symantec’s view is that the game is now tagged and watched. If anyone does modify it, their software should ID that, too.

  43. Tei says:

    The Troyan Horse was a Troyan because It was “labeled” and safe, so was admited inside the city of Troya. This game is not labeled as safe, is well described as a program that will delete random files. So is not a troyan.

    I remenber a old version of Doom where killing a imp resulted as killing a task. Whas that game a troyan too?
    link to cs.unm.edu

    “OSX.Loosemaque is a Trojan that appears to be a video game, but deletes files from the home folder when a user plays it.”

    “but”? is the point of the game. consequences that hurt the player… is artsy game, not a troyan, you Symantec morons and your bloat crapware.

    “The Trojan may arrive on the computer as a application folder with the following name: lose lose.app When executed the user is presented with a video game.”

    Any app arrive on the computer as a folder and wen execute it appears.

    “When the user character is destroyed, the game ends, and the Trojan sends the user’s score to the following server, then deletes itself from the compromised computer”

    Compromised how? a compromised computer is a computer where a cracker has ben accesed. This app is not a cracking attemp, but a artsy game.

    • Optimaximal says:

      I find it hilarious how you persisted in calling it a ‘Troyan’, even when you copied and pasted multiple instances of ‘Trojan’

      /grammar nazi

  44. Psychopomp says:

    Why so much vitriol leveled against the game? Did the creator rape you as a child?

  45. Mort says:

    I’m finding the mild raging going on here by a few more entertaining than anything else.

    I’m not seeing anything controversial at all about anything, just another day on the internet.

    For starters this appears to be a Mac game which means it’s impact will be minimal, particularly in the workplace! Also, as far as I can tell only Norton have added this to their malware definitions, so we need not worry about antivirus companies nannying us (jeez).

    Having a look at this guys site, he’s spent years coming up with partially bonkers art-wank with less than sophisticated messages, including his latest project being talked about here.
    For Lose Lose it’s (taken from the site) “Why do we assume that because we are given a weapon an awarded for using it, that doing so is right?” Quite.
    Of course it’s not malicious, like cars arent made just to kill people. But people /are/ stupid, and someone will get caught out by this, possibly someone with Norton installed.
    Norton are just covering their arses.
    But in reality I suspect very very few will encounter this game in anyway, let alone have it in the computers.
    He’s an artist, he provokes debate with ridiculous statements like that above, Norton and all of us have just played right into that.

  46. Mort says:

    I’m finding the mild raging going on here by a few more entertaining than anything else. I’m not seeing anything controversial at all about anything, just another day on the internet.

    For starters this appears to be a Mac game which means it’s impact will be minimal, particularly in the workplace! Also, as far as I can tell only Norton have added this to their malware definitions, so we need not worry about antivirus companies telling us to eat veg.

    Having a look at this guys site, he’s spent years coming up with partially bonkers art-wank with less than sophisticated messages, including his latest project being talked about here.
    For Lose Lose it’s (taken from the site) “Why do we assume that because we are given a weapon an awarded for using it, that doing so is right?” Quite.
    Of course it’s not malicious, like cars arent made just to kill people. But people /are/ stupid, and someone will get caught out by this, possibly someone with Norton installed.
    Norton are just covering their arses.
    But in reality I suspect very very few will encounter this game in any way, let alone have it on their computers.
    He’s an artist, he provokes debate to justify his work with ridiculous statements like that above, Norton and all of us have just played right into that.

  47. Gundrea says:

    In IT security the most vulnerable point is always the wetware.

  48. Mort says:

    Sorry about double post. I think the 'roll a 6 to start' comments system should be classed as malware!!

  49. Risingson says:

    Now, saying that this is art or a joke… it DELETES files. Deletes. Erases. Removes. And random files. This is not a joke, or it is a very bad one for people with psychotic sense of humor.

    • Tei says:

      “Now, saying that this is art or a joke… it DELETES files. Deletes. Erases. Removes. And random files. This is not a joke, or it is a very bad one for people with psychotic sense of humor..”

      Is not a joke, the game is letally (deletally?) serius. More serius (seems) that most people expect from art. It could be because most stuff we see about art is meaningless.