We may earn a commission when you buy through links in our articles. Learn more.

Flight Sim Labs explain why they put malware in premium DLC

flight sim labs a320 drm password dump

Update, February 20: Flight Sim Labs say they were only targeting one user when they uploaded malware in a file for a premium aircraft.

The head of Flight Simulator X developers Flight Sim Labs has confirmed that the company did include malware in one of their jets, but says that the company was only targeting one specific player.

Check out the best simulation games on PC.

In a post on the company forums, Lefteris Kalamaras refers to the malware as DRM, and explains how and why the company attempted to take action against the player. He begins by saying that genuine customers copies of the game would automatically remove the malware after proper installation was complete, and the tool would not activate.

The reason for using the DRM, according to Kalamaras, stemmed from an attempt to target “specific crackers who were successful in sidetracking our protection system by using offline serial number generators.” The company didn’t know how this was happening, but discovered a set of information from specific IP addresses which lead them to the name of one of the crackers (who was distributing free keys for $100 DLC). They couldn’t, however, access the websites they were using to distribute the premium content.

Eventually the company locked down the IP address of a single cracker, and decided to capture his (and only his) information. That attempt was successful, and Flight Sim Labs say they discovered an “entire web of operations” working to generate pirated copies of Flight Simulator X and “a whole host of other flight simulator” products from different companies.

Kalamaras says that the tool used in the attempt “will never execute on your machine – unless you were the particular person targeted,” but says the company takes full responsibility for customers “who feel their trust was violated.” No personal data was sent or kept by the tool, and the installer has been replaced.

Original story, February 19: Flight Sim Labs make premium add-ons forMicrosoft Flight Simulator Xand Lockheed Martin’s Prepar3D software. With prices on individual planes coming near – and exceeding – $100, it’s probably no surprise that some players have taken to pirating these digital jets. More surprising is the fact that Flight Sim Labs loaded their add-ons with DRM that has the power to steal passwords in an effort to thwart these pirates.

A user on Reddit noted a suspicious file coming with the installer for the A320-X jet airliner called “text.exe,” which is listed as a Chrome password dump tool. He tells Rock, Paper, Shotgun that he “was keen to understand why exactly the installation package was triggering antivirus alerts so often.”

Lefteris Kalamaras at Flight Sim Labs responded shortly after on the official forums, saying “we were made aware there is a reddit thread started tonight regarding our latest installer and how a tool is included in it, that indescriminantly [sic] dumps Chrome passwords. That is not correct information – in fact, the reddit thread was posted by a person who is not our customer and has somehow obtained our installer without purchasing.”

Essentially, the password dump tool activates on copies of the installer with the same serial number as those on ThePirateBay, RuTracker, and other piracy sites, and then “takes specific measures to alert” the company, adding that the file would not remain after installation on properly purchased copies. Kalamaris says “this method has already successfully provided information that we’re going to use in our ongoing legal battles against such criminals.”

“There are no tools used to reveal any sensitive information of any customer who has legitimately purchased our products,” Kalamaris says, with his own bold for emphasis.

Still, including a password thieving tool as DRM was naturally controversial, with players feeling it’s a step way too far to combat piracy, and even questioning the legality of the measure.

In a later update, Kalamaris confirmed that the installer had been changed to remove the tool, saying “we realize that a few of you were uncomfortable with this particular method which might be considered to be a bit heavy handed on our part.”