• Sign in to Neowin Faster!

    Create an account on Neowin to contribute and support the site.

Flight sim DLC maker used malware to steal pirates' passwords

Recommended Posts

Jim K    10,490
Quote

Piracy is an issue for games and other software developers. Some handle it in novel ways, like deliberately making pirated versions of a game near unplayable, or by releasing their software for free. One piece of flight simulator software had an unusual, and controversial technique: infecting pirates with malware designed to steal their Chrome passwords.

 

“The inclusion of a malware, in the form of a password dumper, in a trusted installer for the sake of combating piracy is absolute insanity,” Andrew Mabbitt, founder of cybersecurity company Fidus Information Security and who originally flagged the issue to Motherboard, said. Kurtis Baron from Fidus also worked on digging through the program.

 

////

(from FlightSim Labs)

“First of all—there are no tools used to reveal any sensitive information of any customer who has legitimately purchased our products. We all realize that you put a lot of trust in our products and this would be contrary to what we believe,” he wrote; emphasis his own.

 

“There is a specific method used against specific serial numbers that have been identified as pirate copies and have been making the rounds on ThePirateBay, RuTracker and other such malicious sites,” he added. Often software users need to enter a key or string of characters in order to activate a program. In this case, it appears that if the key was one FSLabs already knew was being used by software pirates, then the password stealer would kick in.

 

But, the malware file itself, even if not activated, was still “dropped on every single PC it [the FSLabs software] was installed on,” Mabbitt said.

 

/snip

 

Full article at Motherboard

Reddit thread

FSLabs Response

 

Surely this can not be legal to intentionally deploy an installer with a malware payload?  What extent can a private company conduct an investigation to get evidence...substituting themselves for official authorities?  I would think stealing information from a pirate is not justified, because they are still protected by law.  Not to mention that the malware payload was dropped on every single legitimitate users computer.

Share this post


Link to post
Share on other sites
Mando    5,113
5 minutes ago, Jim K said:

 

Full article at Motherboard

Reddit thread

FSLabs Response

 

Surely this can not be legal to intentionally deploy an installer with a malware payload?  What extent can a private company conduct an investigation to get evidence...substituting themselves for official authorities?  I would think stealing information from a pirate is not justified, because they are still protected by law.  Not to mention that the malware payload was dropped on every single legitimitate users computer.

Its not legal, they are actively pushing malware to protect their IP, Sony tried this with Rootkit DRM, and look how that panned out.

 

They have overstepped their mark and will get blasted for this.

 

 

Share this post


Link to post
Share on other sites
Skiver    1,909

What do they plan to do with those passwords? Is it just supposed to be some sort of empty threat?

 

Agreed with you guys, this is just plain stupidity on the Devs part. You can't commit a crime against someone and claim "but they did it first", an incoming law suit in 3...2...1...

Share this post


Link to post
Share on other sites
Mando    5,113

its steals all the chrome passwords from the cache....hot water inbound!

 

http://www.theregister.co.uk/2018/02/20/pirates_privates_exposed_flight_simulation_addon_nosedives_into_chromes_cache/

 

Unfortunately for the Flight Sim Labs team, the only door likely to receive a knocking by the forces of law and order is their own. With UK and Greece-based team members, the company may find themselves at the sharp, pointy end of the UK Computer Misuse Act, which is pretty specific about unauthorised access to personal data as well as the impending EU-wide GDPR legislation, which is due to hit in May 2018.

 

the devs have now literally filled their underpants and are trying to back out/justify their actions to prevent priacy.

 

https://forums.flightsimlabs.com/index.php?/announcement/11-a320-x-drm-what-happened/

 

From the Devs:-

Realizations

As I mentioned in the first paragraph above, I wanted to ensure full disclosure first and foremost to our customers, some of who feel their trust was violated. This was not our intention and we take full responsibility. What we now understand to have been an overly heavy-handed approach to our DRM installer efforts also meant that our support team strictly followed the instruction guidelines without being aware of the inclusion of DRM tools in any of our installers.

I also want to reiterate there was no personal data sent or kept that would mean a breach of privacy, except for that subset of information regarding the web sites mentioned above.

We have already replaced the installer in question and can only promise you that we will do everything in our power to rectify the issue with those who feel offended, as well as never use any such heavy-handed approach in the future. Once again, we humbly apologize!

 

Apologise all you like, youve Broken the Computer Misuse Act in the UK.

Share this post


Link to post
Share on other sites
+FloatingFatMan    15,580

Having just had to complete a GPDR training course for work, I wonder if these guys even looked at that incoming legislation, not to mention the UK's computer misuse act?  I hope they can afford the massive fines heading their way...

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.