Flight Simulator Expansion Comes with Password Stealing Malware


It masquerades as DRM.

The whole DRM thing has become an absolute battlefield over the years. Developers and publishers have, on more than one occasion, hobbled their games with it, truly punishing only their actual, legal customers. But the A320-X expansion for Microsoft Flight Simulator by FSLabs is among the worst.

According to Reddit, the installer comes with a “Chrome Password Dump” tool (titled Test.exe) that could be used to steal usernames and passwords. FSLabs founder Lefteris Kalamaras denies that the software works indiscriminately, though. He states that its purpose is to send information when the game is installed using keys known to be pirated.

“‘Test.exe’ is part of the DRM and is only targeted against specific pirate copies of copyrighted software obtained illegally. That program is only extracted temporarily and is never under any circumstances used in legitimate copies of the product,” he wrote. “The only reason why this file would be detected after the installation completes is only if it was used with a pirate serial number (not blacklisted numbers).”

Vindication?

And that assertion is apparently borne out, as far as Fidus Information Security is concerned. The cybersecurity firm stated: “Whilst a lot of information is provided, it does not include any references to the password dumping tool […] We can conclude the password dumping tool (test.exe) is only called when a fraudulent serial is used.”

That said, they do still have a few problems with it. Namely, that the data is sent over an insecure method, as well as potential storage issues and the fact that it might not even be legal. Fidus’ founder, Andrew Mabbitt, had this to say in an interview with Motherboard:

The inclusion of a malware, in the form of a password dumper, in a trusted installer for the sake of combating piracy is absolute insanity. When run, the program extracts all saved usernames and passwords from the Chrome browser and appears to send them to FSLabs. This is by far one of the most extreme, and bizarre, methods of Digital Rights Management (DRM) we’ve ever seen.

Kalamaras has stated that FSLabs would be happy to provide information about the system to anyone who wants it. Moreover, it has already provided them with information useful for taking pirates to court. The studio has, however, released an updated version of the installer without the component, which Kalamaras stated to be unsuspicious in a follow-up statement:

While the majority of our customers understand that the fight against piracy is a difficult and ongoing battle that sometimes requires drastic measures, we realize that a few of you were uncomfortable with this particular method which might be considered to be a bit heavy handed on our part […] It is for this reason we have uploaded an updated installer that does not include the DRM check file in question.

Source: PC Gamer
