Flight Sim Labs explain why they put malware in premium DLC | PCGamesN

Flight Sim Labs explain why they put malware in premium DLC

Subscribe to PCGamesN on YouTube

Update, February 20: Flight Sim Labs say they were only targeting one user when they uploaded malware in a file for a premium aircraft.

The head of Flight Simulator X developers Flight Sim Labs has confirmed that the company did include malware in one of their jets, but says that the company was only targeting one specific player.

Check out the best simulation games on PC.

In a post on the company forums, Lefteris Kalamaras refers to the malware as DRM, and explains how and why the company attempted to take action against the player. He begins by saying that genuine customers copies of the game would automatically remove the malware after proper installation was complete, and the tool would not activate.

The reason for using the DRM, according to Kalamaras, stemmed from an attempt to target "specific crackers who were successful in sidetracking our protection system by using offline serial number generators." The company didn't know how this was happening, but discovered a set of information from specific IP addresses which lead them to the name of one of the crackers (who was distributing free keys for $100 DLC). They couldn't, however, access the websites they were using to distribute the premium content.

Eventually the company locked down the IP address of a single cracker, and decided to capture his (and only his) information. That attempt was successful, and Flight Sim Labs say they discovered an "entire web of operations" working to generate pirated copies of Flight Simulator X and "a whole host of other flight simulator" products from different companies. 

Kalamaras says that the tool used in the attempt "will never execute on your machine - unless you were the particular person targeted," but says the company takes full responsibility for customers "who feel their trust was violated." No personal data was sent or kept by the tool, and the installer has been replaced.

Original story, February 19: Flight Sim Labs make premium add-ons for Microsoft Flight Simulator X and Lockheed Martin’s Prepar3D software. With prices on individual planes coming near - and exceeding - $100, it’s probably no surprise that some players have taken to pirating these digital jets. More surprising is the fact that Flight Sim Labs loaded their add-ons with DRM that has the power to steal passwords in an effort to thwart these pirates.

A user on Reddit noted a suspicious file coming with the installer for the A320-X jet airliner called “text.exe,” which is listed as a Chrome password dump tool. He tells Rock, Paper, Shotgun that he “was keen to understand why exactly the installation package was triggering antivirus alerts so often.”

Lefteris Kalamaras at Flight Sim Labs responded shortly after on the official forums, saying “we were made aware there is a reddit thread started tonight regarding our latest installer and how a tool is included in it, that indescriminantly [sic] dumps Chrome passwords. That is not correct information - in fact, the reddit thread was posted by a person who is not our customer and has somehow obtained our installer without purchasing.”

Essentially, the password dump tool activates on copies of the installer with the same serial number as those on ThePirateBay, RuTracker, and other piracy sites, and then “takes specific measures to alert” the company, adding that the file would not remain after installation on properly purchased copies. Kalamaris says “this method has already successfully provided information that we're going to use in our ongoing legal battles against such criminals.”

“There are no tools used to reveal any sensitive information of any customer who has legitimately purchased our products,” Kalamaris says, with his own bold for emphasis.

Still, including a password thieving tool as DRM was naturally controversial, with players feeling it’s a step way too far to combat piracy, and even questioning the legality of the measure.

In a later update, Kalamaris confirmed that the installer had been changed to remove the tool, saying “we realize that a few of you were uncomfortable with this particular method which might be considered to be a bit heavy handed on our part.”

GOTW
Sign in to Commentlogin to comment
hfm avatarBraneman avatarxNuke avatarWhiteCrow avatarJimbob avatarSkankwOn avatar
hfm Avatar
302
4 Months ago

They had to know this was going to be discovered, and also they had to know there would be a backlash. Bad decision.

2
Jimbob Avatar
21
4 Months ago

People did complain it got picked up by AV software, but they claimed it was a "false positive"

1
SkankwOn Avatar
195
4 Months ago

The fact they decided to remove it after people complained screams "shit, they've sussed us out" which in turn is pretty much an admission of wrong doing. Tut tut.

(Edit) [48 mins played] Erm, don't remember playing this, I have too many games!

1
Braneman Avatar
168
4 Months ago

would the courts uphold evidence that was obtained through a virus?

2
xNuke Avatar
519
4 Months ago

It was probably in the T&Cs which everyone definitely read and agreed to at some point when buying/installing.

So maybe?

2
WhiteCrow Avatar
697
4 Months ago

Doubtful, unless it's mentioned in some form of EULA the user agrees to I'd imagine. The power of an EULA can be sketchy and is all over the place in terms of legal power as history shows, but in this case I think what they did is considered illegal, so an EULA wouldn't matter much.

1