A company who makes add-ons for Flight Simulator X included malware in one of their downloadable jets, players have alleged. The malicious file is called ‘test.exe’ and it is designed to extract passwords from the Chrome web browser, according to the user who discovered it. The company in question, Flight Sim Labs, have since replaced the dirty jet with a clean one. But they say that to claim the file “indiscriminately dumps Chrome passwords” is “not correct information”, adding that the malware was “only extracted temporarily” and that it was targeted at pirates. The head of the company describes the file as “DRM”.
Flight Sim Labs usually make planes you can download for Microsoft’s Flight Simulator X, like the Concorde-X. Or other tools, like one that lets you control the lights on your aircraft. But an installer for one plane, the A320-X (an airbus commonly used by EasyJet or American Airlines) was triggering anti-virus alerts for some players. Reddit user crankyrecursion examined his copy of the installer “simply out of curiousity” and found the embedded malware. He then posted a notice for other players.
“… there seems to be a file called ‘test.exe’ included. This .exe file… is touted as a ‘Chrome Password Dump’ tool, which seems to work – particularly as the installer would typically run with Administrative rights (UAC prompts) on Windows Vista and above.”
“I’m a technical person by nature,” he told us, “and I was keen to understand why exactly the installation package was triggering antivirus alerts so often.”
The head of Flight Sim Labs, Lefteris Kalamaras, responded to concerned pilots on the company’s forums, claiming that the Reddit post was made by someone with a pirated copy.
“First of all – there are no tools [his emphasis] used to reveal any sensitive information of any customer who has legitimately purchased our products… ”
However, he then admits that there is a “specific method” which affects anyone whose serial number matches versions being shared on piracy websites like The Pirate Bay. In other words, the password-extracting ‘test.exe’ file was in all copies of the installer but only “triggered” if the user was deemed a “pirate”, according to Kalamaras.
“‘Test.exe’ is part of the DRM,” he said, “and is only targeted against specific pirate copies of copyrighted software obtained illegally.”
If such a specific serial number is used by a pirate (a person who has illegally obtained our software) and the installer verifies this against the pirate serial numbers stored in our server database, it takes specific measures to alert us… That program is only extracted temporarily and is never under any circumstances used in legitimate copies of the product. The only reason why this file would be detected after the installation completes is only if it was used with a pirate serial number (not blacklisted numbers).
This method has already successfully provided information that we’re going to use in our ongoing legal battles against such criminals.
Unsurprisingly, players were not convinced. They continued to complain and Kalamaras later amended the post, saying that the offending malware has been removed from the installer completely.
“… we realize that a few of you were uncomfortable with this particular method which might be considered to be a bit heavy handed on our part,” he said.
So, yeah, turns out imaginary planes is a muddy business. For context, Flight Sim Labs are selling their A320-X airbus for $99.95 , so it’s not that surprising a black market in these digital aircraft has arisen. This is clearly a problem for those who work on the aircraft and rely on good sales for a paycheck. However, putting password-farming malware into your airplanes probably isn’t the most sensible response.
“I think their official response leaves a lot of information out,” said crankyrecursion, the user who discovered the malware, “and is a blatant attempt at trying to divert attention away from the real issue and back towards piracy.
“I imagine there would be a lot of issues surrounding them having users’ passwords stored on their servers, particularly if the lists included banking details or perhaps work usernames and passwords. Computer code is never 100% perfect and it would be easy for legitimate customers to be swept up in this “pirate-only” DRM.”
We’ve contacted Flight Sim Labs for comment and will update this story if they get back to us.
19/02/2018 at 14:02 ahac says:
I’m pretty sure this is illegal in most countries even if they just target pirates.
19/02/2018 at 14:05 pookie101 says:
And that sound is the noise of future sales of any of their products drying up
19/02/2018 at 14:05 Finstern says:
I cannot imagine a single scenario where mining someones encrypted private data from their personal machines is even remotely legal, regardless how they acquired the product.
What are they doing with the passwords? Logging into their email accounts to get a more solid lead on who they are in order to sue them?
Yikes.
19/02/2018 at 14:14 Mezelf says:
Calling software pirates “criminals” is just… How small does your world have to be for your to apply such a label to anyone who downloaded a file from the internet, the same label you’d apply to a murderer or rapist.
19/02/2018 at 14:27 cqdemal says:
crim·i·nal
noun: criminal; plural noun: criminals
1.
a person who has committed a crime.
crime
noun
an action or omission that constitutes an offense that may be prosecuted by the state and is punishable by law.
Seems all right to me.
The wrong part in all this was using criminal methods to get back at criminals (if that was even the real explanation), not calling criminals what they are.
19/02/2018 at 14:34 DefinitelyNotHans says:
Sounds like one of those “I wasn’t going to buy it either way, therefore I haven’t actually done anything wrong” kids.
19/02/2018 at 14:41 Evan_ says:
“Criminal” is a good enough word if you want to blur the thin line between murderers, rapists, people who ever smoked a joint or who kept using WinRar for more than 30 days. I don’t see the problem.
19/02/2018 at 15:02 The First Door says:
Are you genuinely serious? What the actual heck is wrong with you? Have you lost all sense of subtly or ability to understand graduation?
Yes, if you commit piracy you have committed a criminal act and are therefore a criminal. If you’ve smoked a joint somewhere it isn’t legal, it’s also criminal. You can go to jail for both of these things. Obviously some crimes are worse than others, that’s why we have different sentences for different crimes. Good grief!
19/02/2018 at 15:18 Alonso says:
Not very familiar with terminology or general law in anglo world, but isn’t there a difference between civil and criminal cases, as in having infractions (not considered a criminal offence in many places), and then misdemeanour and felony offences?
“In California, for example, possession of less than 1 ounce of marijuana is considered an infraction. It’s therefore subject to a fine, instead of prison time, and will not be included in a person’s criminal record.”
link to criminal.findlaw.com
19/02/2018 at 15:42 The First Door says:
Yeah, there is definitely a split between criminal and civil things here too, although I’d not know where to start with it, to be honest. But still, my point was that if you’ve committed a crime where you are it’s a crime, and the justice system isn’t so bonkers as to think all crimes are the same!
19/02/2018 at 14:29 Kefren says:
Good old DRM. Introducing risk, security holes, potential problems and inconveniences to customers since Nineteen Canteen. Last time I had hassles with it was when DRM was added to a demo for a game I was vaguely interested in. Not surprisingly I won’t buy the full version while they use that system.
19/02/2018 at 14:35 RvLeshrac says:
Not only is this outright illegal in every first-world jurisdiction, no judge in their right mind would allow any of the “evidence” they’ve “collected” to be used in any lawsuit.
19/02/2018 at 14:36 Sian says:
So basically they’re trying to be vigilantes? Yeah, not okay, and that’s coming from someone who doesn’t like people pirating software.
On the other hand I’m astonished that anyone is willing to pay almost $100 for a single type of plane in a flight sim. Or did I get that wrong?
19/02/2018 at 14:52 Slazia says:
Small market and large time investment. They have to make money.
And steal passwords.
19/02/2018 at 14:54 mattr_94 says:
$100 has become around the normal price for the top end aircraft addons for P3D (the flight sim that most simmers are using after microsoft sold their flight sim brand and code). For comparison another company called PMDG sell their 737, 747 and 777 addons for around the same price. This A320 by FSLabs took about 8 years for them to make and I dread to think how much it cost them to develop.
The addon itself is incredible, just watch the linked video to see how much detail they’ve modelled even down to things that you can’t even see, such as the fly by wire logic.
Which makes it even more of a shame that they’ve decided to go down this route to try and stop pirates.
19/02/2018 at 15:13 Sian says:
I didn’t know the sim market was that enthusiastic. I mean, they could make less detailed, less work-intensive models and charge less; I’m just floored that this is what the market wants.
The devs have to be quite passionate themselves to invest this much into a single model, which makes it doubly sad that they resorted to malware for DRM. I get why they need to combat piracy – with prices like these everybody who enjoys the fruits of their labour for free hurts them a lot more than other devs – but this just isn’t the way to do it.
19/02/2018 at 15:33 mattr_94 says:
There are already A320 simulations on the lower end of the market, two companies, Aerosoft and Blackbox, have developed more basic versions of the A320 and charge 40 and 30 euros respectively. The market FSlabs have developed for is what is called “study level”, the idea that you have to understand the aircraft and its systems to get it off the ground.
The Aerosoft A320 for example, has a “co-pilot” system which will program the aircraft and press all the switches required without the user having to understand what is actually going on.
But anyway back to the shady DRM, it’s amazing that they ever thought they would get away with it, even if it has taken 18 months since they initally released it.
19/02/2018 at 14:37 Evan_ says:
I’m the scourge of the seven seas, and I’d love to see how those “legal battles against such criminals” will unfold.
19/02/2018 at 14:38 Twitchity says:
Does the company in question have licensing deals with the companies whose jets they’re modeling? If not, they’re engaging in IP piracy on a much larger scale…
19/02/2018 at 14:41 mxxcon says:
I’d like for this zealous company to crash and burn under a class-action lawsuit for violating its customers privacy.
19/02/2018 at 14:53 Skiv says:
100 bucks for one plane. Something is seriously wrong here.
Heck, even EA is cheaper
19/02/2018 at 15:09 khamul says:
I’ve been working in digital goods of one sort or another for most of my life, and I kinda like being paid for the work I do, which means that I kinda like the business I work for being paid for its product. So I am against piracy, and I have sympathy with DRM.
But here’s the thing: if there’s one thing that’s been proven over the last few years, it’s that DRM-free as a business model is viable. Hell, ‘pay-what-you-want’, as a business model is viable. The solution to piracy is not DRM. It’s fair pricing. Enough people *will* pay for goods, even if they don’t have to, if they can.
Which kind of implies the corollary: if a business is having problems with piracy and/or DRM, what does that say about their pricing?
19/02/2018 at 15:15 Kefren says:
I agree with you. I make my living from things that can be easily pirated. And yet I never add DRM. And each year things are getting better, with more and more sales (sometimes getting in Amazon top tens). Totally viable. My purchasing decisions go that way too – I buy games and music that are DRM free, often more than I need, just to support people. And I hold back from purchases that have DRM, because I am never that desperate.
19/02/2018 at 15:14 Urthman says:
Comparing an incredibly accurate simulation of a real-world airplane to some disposable EA game is just silly. People who would really use this thing (as opposed to just wanting to glance around the cockpit, which is likely what many of the pirates were doing) have already spent hundreds of dollars on flight sticks and maybe pedals and this is probably their primary hobby – not “gaming” but flying planes (in many cases both real and simulated).
19/02/2018 at 15:14 Yachmenev says:
I’m not playing Flight Sims, but if paid for a product that tried something like this, even if it’s only intended towards pirates, they would lose my business. And if it was one Steam, I would have fought for a refund.
The “if you don’t have anything to hide, there’s no need to worry” is a frightening mindset to use anywhere.
Don’t care the slightest if it’s succesful. A company have no right to include tools that can scan for private things, and I hope (although it’s not likely) that they’re sued for this.