FSLabs Bundled Password-Stealing Malware Into A320 Flight Sim Expansion as Anti-Piracy 'DRM'

Written by Jon Sutton on Tue, Feb 20, 2018 10:00 AM

FlightSimLabs’ A320 expansion pack includes bundled in password-stealing malware as a form of DRM.

The controversy came to light when a user on Reddit reported that FSLabs’ A320 installer had the file 'FSLabs_A320X_P3D_v2.0.1.231.exe', inside which there’s another application simply dubbed ‘test.exe’. This second executable is, in fact, a ‘Chrome Password Dump’ tool, accessing the web browser’s stored passwords and dumping them to a text file. Yep, you heard that right, a developer bundled in malware into its own game in order to combat piracy.

Understandably, flight sim fans weren’t too pleased with this and FSLabs quickly responded, saying “‘Test.exe’ is part of the DRM and is only targeted against specific pirate copies of copyrighted software obtained illegally.” More specifically, the malware targets specific serial numbers that have been identified as pirate copies currently being shared on torrent sites. If the serial number used lines up with FSLabs’ list of pirated keys, the installer then runs ‘Test.exe’ and dumps the Chrome passwords and displays them in a readable format. According to information security specialists Fidus, this text file is then encoded with Base64.exe then sent over an unsecured HTTP connection.

As the malware apparently only targets pirates, FSLabs suggest that these tools will not “reveal any sensitive information of any customer who has legitimately purchased our products. We all realize that you put a lot of trust in our products and this would be contrary to what we believe.”

It's not difficult to come to the conclusion that this is an absolutely insane way of doing things. The very fact it’s covert means it doesn’t act as a deterrent to piracy itself, and what exactly does FSLabs into to do with the information it has harvested? They then proceed to attempt to shift the entire blame onto the Reddit user who brought it to light, claiming “The only reason why this file would be detected after the installation completes is only if it was used with a pirate serial number (not blacklisted numbers).”

Since the malware came to light yesterday, FlightSimLabs has issued a more extensive policy and updated the installer so it doesn’t include the “DRM check file”. In a statement, the FSL team said it wants “to reiterate and reaffirm that we as a company and as flight simmers would never do anything to knowingly violate the trust that you have placed in us by not only buying our products but supporting them and FlightSimLabs.

“While the majority of our customers understand that the fight against piracy is a difficult and ongoing battle that sometimes requires drastic measures, we realize that a few of you were uncomfortable with this particular method which might be considered to be a bit heavy handed on our part.”

On the one hand I’m perfectly fine with developers messing with pirates, but password stealing is on another level entirely for a legitimate business. Not to mention that this malware was in the installer for legitimate users, it just wasn’t being utilised if they had a verified CD key.

What are your thoughts on this, is this a step too far for DRM? Was it right to bundle it in for legitimate users, even if the malware was benign? Let us know what you think!

Login or Register to join the debate

Rep
41
Offline
admin approved badge
03:08 Feb-21-2018

This makes me wanna stay away from FSLabs. that sounds really risky no matter how they explains it. even if it only target those with pirate copies. "Oh I have the legit copy, I dont have to worry about this password stealing malware in my system" Seriously?

0
Rep
94
Offline
09:39 Feb-24-2018

Well, if I'm correct, windows defender (with an update) will probably flag it as malware and remove the program. Windows defender is kinda neat against those type of malware

1
Rep
76
Offline
admin approved badge
21:58 Feb-20-2018

People like that would deserve prison. Or getting sued till their company no longer exists. I can understand that they want to fight piracy, but that is straight up illegal and idiotic. I mean it is on the level of North Korea, which hides behind their nukes, because they know no one will touch them.

6
Rep
76
Offline
admin approved badge
22:00 Feb-20-2018

I really hope there will be serious consequences for the company. Just because someone steals from the store, this doesn't mean they get right to rob them back. That is why we have law and justice system. Otherwise we might go back to trial by gun and start shooting each other.

3
Rep
94
Offline
18:49 Feb-20-2018

Doing something illegal to prevent people doing something illegal. Okay, guess we won't use logics anymore.

18
Rep
25
Offline
admin approved badge
18:16 Feb-20-2018

Violating trust ? talk about violating law, fighting a crime with another crime doesn't make you less guilty.

4
Rep
85
Offline
17:43 Feb-20-2018

Developers trying to steal your passwords that's enough internet for today.

8
Rep
36
Offline
15:02 Feb-20-2018

If game critics catch wind of this, they will be in for a world of hurt. I can't wait!

1
Rep
3
Offline
14:25 Feb-20-2018

laughing in firefox :P

13
Rep
11
Offline
13:59 Feb-20-2018

My whole PC is a 700GB Pirate Bay software, TV shows and game collection . I am actually quite proud of it, but would still buy products if I had le maneyy. Heh life of a broke ass collage student in a 2nd world country gotta love it. Anyways my thought on this is instead of wasting money on "DRM" better use it to make a better quality software,etc.. It is bound to get Pirated so why waste resources on a loosing battle that lets be realistic harms very little and quite often unnoticeable. But I guess you have to launder money somehow, why not do it on a overpriced useless software "DRM".

-9
Rep
12
Offline
16:12 Feb-20-2018

Man you never say if you pirate or not.

5
Rep
13
Offline
16:29 Feb-20-2018

Dude, you don't say you pirate on this site, it's guaranteed way to get your post disliked no matter what else is written on it.

6
Rep
11
Offline
18:55 Feb-20-2018

I know it is a guaranteed way to get dislikes but I don't care it's fun to make people angry :D. Bet you 50$ most of them have half of their PC pirated at the very least.

-6
Rep
32
Offline
20:41 Feb-20-2018

You don't even have 50 bucks my dude. Just focus on getting your life together, instead of feeling cool because of l33tz0rX pirating (which it isn't). And who knows, if you spend the time you waste on pirated stuff on actual progression in your life, you might even be able to buy stuff one day. Money can be made everywhere

0
Rep
11
Offline
20:45 Feb-20-2018

I am 19 going to engineering collage. I am studying to be rich my friend.

-1
Rep
32
Offline
00:29 Feb-21-2018

I hope you do. It's up to you how you live your life and what you achieve. But please just keep talk of pirating off of this website, there's plenty of other places where you can do that. We like to support the creators of the digital art forms here, not undermine them.

0
Rep
13
Offline
21:37 Feb-22-2018

lol what, how do you pirate a PC? We can't make free copies of physical objects (yet).

0
Rep
11
Offline
21:59 Feb-22-2018

Read the post again but carefully.

0
Rep
12
Offline
18:36 Feb-20-2018

Exactly and pirating is not something to be proud of.People worked hard,hours to make these games no matter if we like the company or not.

2
Rep
11
Offline
18:46 Feb-20-2018
0
Rep
11
Offline
21:00 Feb-20-2018

Well if any of you lived in a country that got bombed and keeps being bashed by the west you wouldn't have much of a choice now would you. You know people here live on 300$ a month. But I know for you western flowers think Pirate Bay is a sin. Let's ses you western fuks live with 300$ a month. God damn there are so many flowers on this site when it comes to torrent, grow a pair for fuk sake and get your head out of your asses. Prate Bay is the reality, probably half of the world use it on day to day basis not beacuse they want to but because they have no choice. You think it is nice to Pirate well it IS NOT NICE, risking your...

-1
Rep
11
Offline
21:04 Feb-20-2018

personal stuff and PC to all sorts of stuff. And not to mention that it doesn't even work most of the times. And yea I AM PROUD OF IT, it is not easy to get things working, it takes a bit of know how, so yeah. I have already been burnt on this site a few times for saying the "torrent" word and i'll keep doing it because I am not saying anything wrong nor disrespectful, I am not posting links to to torrents nor am i promoting torrenting.

0
Rep
32
Offline
00:35 Feb-21-2018

We can understand your personal situation might be very hard, we all make the best of what we have, but expect to get banned if you keep talking about pirating. And by generalising people into western/eastern groups, you contribute to the fact that there is a disconnect between our society's. You choose to be here on this site, and you're most welcome. Just know that there are rules here as well.

0
Rep
11
Offline
08:04 Feb-21-2018

I thank you for your life lessons.... As for getting baned, yea I know, people on this site and generaly everywhere tend to undermine you when you speak your mind no mater how helpful you are and how long you have been a part of the comunity.

1
Rep
32
Offline
09:10 Feb-21-2018

My dude, don't play the victim card now. This is a debate website, with it's on set of rules. You're speaking your mind, I'm speaking mine. I'm not trying to teach you anything, I'm just saying where I stand. Plus, It doesn't matter how long you've been here, breaking rules is breaking rules. Freedom of speech doesn't mean freedom of consequence.

0
Rep
383
Offline
senior admin badge
09:15 Feb-21-2018

Let's keep it civil. Tmario98, there's no need for the insults even if you think it's fun to make people angry. It's a shame because you do make some good points when you're not being aggressive.

1
Rep
32
Offline
10:07 Feb-21-2018

I agree. I actually enjoy these kinds of discussions, always something to take away from it. I'm glad Tmario98 spoke his mind and is continuing to do so, it's one of the biggest parts of freedom there is, there aren't a lot of people who'll do it that way and stand behind it. I also apologize for being a bit offensive in the first post btw, wasn't my best moment but I do stand behind what I said.

1
Rep
11
Offline
10:46 Feb-21-2018

Hay hay hay wait a second I HAVE NOT insulted anyone personally nor have i ever on this site nor do I intend to, I HAVE insulted country's as a general because they very very much deserve it and they deserve much worse, but ok I see your point. As for Pirate Bay I rely don't see what the big deal is rely I don't. Everyone here is like uuu bad "Pirates" down with the subhuman's, but 10min later (not literally of course) on other post everyone goes on supporting Pirating and gladly speaking about it bashing company's for making a sub par game and microtransactions, saying they should get they'r games cracked. Even on this post here..

0
Rep
11
Offline
10:55 Feb-21-2018

there are people supporting pirating. There is a guy right below me that said he was a pirate yet no one said anything just because he allegedly "bought" all of his games. I could have said the same yet I remained honest and said the truth about it and I said in the first post that I would buy games if i had the money. You know what I hate hypocrite's, but most of all I hate people that live in a bubble and don't accept the reality. And no I am not being aggressive (that much) I am just stating facts about the world. And I thank you both for saying I make good points, you make some as well and I am not angry at anyone personally....

0
Rep
11
Offline
11:05 Feb-21-2018

I am angry that so many are being ignorant in realizing the reality and being "personally insulted and assaulted" by someone saying "I be Pirating games or torrenting" like it is a sin against humanity and God himself. I am repeating my self yet again, as long as NO ONE post's links nor promote's torrents I don't find the problem in talking and "debating" the subject of torrent and even boasting about torrent's. Sad thing is most probably don't even read posts after seeing the word torrent or Pirate, not talking about mine in particular, and automatically bashing the person for saying it and not reading the post in its entirety.

0
Rep
11
Offline
11:16 Feb-21-2018

Oh and please don't act like I am wrong because it is the truth. "THE TRUTH HAS BEN SPOKEN" just kidding had to do it XD. But no rely you know I am AT THE VERY LEAST partly right about the things I have said. My advice revise the "Pirate" speaking rules because it is harming no one and most people have something to say about the subject and could make for an AMAZING debate but are afraid of the backlash. YES Pirating is bad VERY BAD but it is not the end of the world that makes everyone go bankrupt it is something that is very common and it hardly even makes a dent on the billions op on billions of $$$ company's steal...I mean make.

0
Rep
383
Offline
senior admin badge
11:24 Feb-21-2018

I think you're arguing with yourself now. There are no rules that you can't speak about the topic of piracy, you just can't advertise it and post links to it here on GD. Your posts wouldn't still be here otherwise. If people want to downvote you though, then that's totally fine.

0
Rep
11
Offline
11:25 Feb-21-2018

Damn this turned out to be a huge read, sorry for that. Anyways thanks for the "debate" it's actually quite fun I must say, hmmm yes indeed, jolly good show ma boy's, tips his monocle and takes a puff from his cigar. Oh and please read the entire thing before making any statements or mindless bashing because it is rude to do so and I don't want to repeat my self to much, it took time to write this and make it have sense.

0
Rep
11
Offline
11:34 Feb-21-2018

Actually Jon yea there are because you are admin and should know very well. In the past i have been warned by admins and once a year or two ago my post was removed because I was talking about Piracy similar like i did here NO LINKS, NO PROMOTION's just "Pirate stuff" also other people have been warned as well, and as far as downvotes go I am annoyed won't lie but they exist because that mentality was inforced upon when this site was made and its the mentality of the west and a lot of people here are from the west. But like you said downvotes are totally fine and i stand by that, have been downvoted multiple time's so no big fuss.

0
Rep
32
Offline
23:10 Feb-22-2018

Just so you know, I have nothing against you or what you do (I have also p'd a lot back in the day), but you're threading on thin ice contributing all of it to 'western society'. That actually really bothers me, so i'll try and explain why. I live in the west, and disagree with a lot of what's going on here, as well as in the east. Everything is interconnected beyond belief, look at Syria....

0
Rep
32
Offline
23:11 Feb-22-2018

It's just that if you keep thinking in the 'you vs me' mentality (or west vs east, or whatever), you're really denying yourself a full objective view of the world in my opionion. I've been observing the world actively for about a decade now, and there's so much wrong in all of the world, no matter where you are. But this is a game debate website, where we love to support art. That's why...

0
Rep
32
Offline
23:14 Feb-22-2018

I'm vividly against discussing pirating. This is one of the places where I can enjoy the world without the bull****, and focus on creating a nicer place for all of us, no matter who we are. And discuss things we actually like and stand behind. If you've pirated stuff, just don't say it... It distracts from what actually matters

0
Rep
32
Offline
23:15 Feb-22-2018

And thank you by the way, for your view on everything :) I don't agree with you on everything, but it has definetly been worth my time. Till next time!

1
Rep
11
Offline
14:29 Feb-23-2018

Likewise :)

1
Rep
12
Offline
13:50 Feb-20-2018

I am Batman

4
Rep
-4
Offline
12:58 Feb-20-2018

The fight against piracy is bollocks, just don't be a bad dev/publisher.
See: CD Project Red.

6
Rep
383
Offline
senior admin badge
13:05 Feb-20-2018

While I might be an outlier, as a non-pirate, the fight against piracy has made absolutely zero difference to my life in terms of gaming, aside from writing about the fight against piracy.

0
Rep
-4
Offline
13:30 Feb-20-2018

As a pirate I can tell you I bought all the games I found good and had pirated, and never bothered playing many that I pirated cause they were just bad.

10
Rep
96
Offline
admin approved badge
15:45 Feb-20-2018

Sure it had, you just didn't notice.
Imagine devs/publishers would invest the money the spend on anti piracy software into making a better product.
Imagine all those garbage ass PC ports we've had over the years that were littered with anti piracy software but couldn't maintain a bug-free stable 30FPS on $2000 PCs had their budget invested into making a good product and not keeping pirates from playing for 5 whole days.
Imagine devs/publishers would give enough of a sh*t to not have pirates as their first priority but the paying customer.
This became somewhat ranty, hope I got my point across.

6
Rep
383
Offline
senior admin badge
15:59 Feb-20-2018

I'm unconvinced that DRM affects performance, and I don't get angry if a game doesn't run well/is ported badly. It's almost always at least as good as the console version and if it's not, I play it there.

0
Rep
-4
Offline
10:11 Feb-21-2018

Performance not, but DRM is lately being implemented very badly. See EA's games that require always online or the latest Anno.
DRM is bad and does nothing good

0
Rep
55
Offline
12:40 Feb-20-2018

Nice!
The developer is going to steal from potential players who have pirated the game. So basically an eye for an eye. That way everyone can go blind together.


Are these devs really dumb or are they especially trying it today? Can never really say.
And who does this affect mostly? Paying legitimate customers! Keep up this dumbness and push even legit players towards piracy as NO ONE wants MALWARE.

11
Rep
94
Offline
18:51 Feb-20-2018

More like hopeless. Well, I hope microsoft kicks in and make windows defender our best friend in blocking this kind of nasty tricks.

0
Rep
18
Offline
12:38 Feb-20-2018

What sense does this make even? Just because someone did something illegal to you, you can't do the same to them, legally. This is not medieval times, what the hell.

8
Rep
36
Offline
12:29 Feb-20-2018

Terrible mistake. Whether or not they are targeting piracy, they have no right to "hack" into a pirates' computer and stealing their sensitive passwords. People should go pirate their game now, and then file a class action lawsuit against them. They will lose lots of $$$. Lawyers are drooling over this.

9
Rep
116
Offline
12:23 Feb-20-2018

Nice. Now literal viruses are being used as "DRM" protection.
Just wait until big Publishers hear about this. A perfect way to not only F your even more, but steal all their personal information as well, that's considering they don't already have them.
Hopefully this is one of and won't happen again, that'd be for the best for everyone.

6
Rep
272
Offline
admin approved badge
11:27 Feb-20-2018

So this is what we came to, eh folks? Bundling malware that dumps your passwords with games. Awesome. Next up - WannaCry Ransomware bundled with Denuvo titles!

13
Rep
44
Offline
10:40 Feb-20-2018

They were like "Sure, let's fight crime with crime."

8
Rep
96
Offline
admin approved badge
10:30 Feb-20-2018

It's definitely 10 steps too far but I can't help myself from finding it rather amusing.
"You steal our game? We steal your Facebook account, Ha!"

11
Rep
58
Offline
10:33 Feb-20-2018

I would love for them to take over some accounts and post all piratey

1
Rep
116
Offline
12:25 Feb-20-2018

Even though piracy is illegal, posting someone's personal information online for everyone to use or see is way worse.

0
Rep
383
Offline
senior admin badge
12:51 Feb-20-2018

It's not really a question of which is worse. I haven't really got any pity to spare for any pirates stung by this, but I do question how legitimate users could get wrapped into it, despite FSLabs saying otherwise.

0
Rep
116
Offline
15:03 Feb-20-2018

That I do find extremely problematic as well. Best case scenario, you still have 'inactive' malware installed on your PC, which is an absolute no for me, and I'm pretty sure most other people as well.

1

Can They Run... |

| 30FPS, Medium, 1080p
Ryzen 7 4800H 8-Core 2.9GHz GeForce GTX 1650 Ti Mobile 16GB
| 60FPS, High, 1080p
Core i5-9300H 4-Core 2.4GHz GeForce GTX 1650 8GB
| 60FPS, Ultra, 1080p
Ryzen 5 3600 6-Core 3.6GHz GeForce RTX 3060 16GB
| 60FPS, Low, 1080p
Core i5-3470 3.2GHz Radeon RX 470 Sapphire Nitro+ 8GB 16GB
| 60FPS, High, 1080p
Core i7-10870H 8-Core 2.20GHz GeForce RTX 2060 Asus ROG STRIX Gaming 6GB 16GB
100% Yes [1 votes]
| 60FPS, Medium, 1080p
Ryzen 5 3400G 4-Core 3.7GHz GeForce RTX 2060 6GB 16GB
| 60FPS, Ultra, 1080p
Ryzen 7 3750H 4-Core 2.3 GHz GeForce RTX 2060 Mobile 16GB
100% Yes [1 votes]
| 60FPS, Ultra, 1080p
Core i7-6800K 6-Core 3.4GHz GeForce GTX 1080 Asus ROG Strix Gaming OC 8GB Edition 32GB
100% Yes [1 votes]
| 60FPS, High, 1080p
Core i7-10700 8-Core 2.90GHz GeForce GTX 1050 Gigabyte D5 2GB 8GB
0% No [1 votes]
Ryzen 5 3600 6-Core 3.6GHz GeForce RTX 2070 Gigabyte Windforce 8GB 16GB
100% Yes [4 votes]
Ryzen 7 5800H 8-Core 3.2GHz GeForce RTX 3060 Mobile 16GB
100% Yes [2 votes]
| 60FPS, Ultra, 1440p
Ryzen 9 3900X 12-Core 3.8GHz GeForce RTX 3070 EVGA FTW3 Ultra Gaming 8GB 32GB
80% Yes [5 votes]
| 60FPS, Low, 720p
APU A8-7410 Quad-Core Radeon R5 7410 8GB
100% Yes [4 votes]
| 60FPS, Ultra, 1080p
Core i5-11400 6-Core 2.7GHz GeForce RTX 3050 Ti Mobile 8GB
0% No [1 votes]
| 60FPS, Ultra, 1080p
Ryzen 5 3600 6-Core 3.6GHz GeForce GTX 1080 MSI Gaming X 8GB Edition 16GB
100% Yes [3 votes]
| 30FPS, Low, 720p
Ryzen 5 3400G 4-Core 3.7GHz Radeon RX Vega 11 6GB
0% No [1 votes]
| 30FPS, High, 1080p
Core i5-11400 6-Core 2.7GHz GeForce RTX 3050 Ti Mobile 8GB
66.6667% Yes [3 votes]