FSLabs messed up
#1
So turns out that there was a password dumper found in the FSLabs a320 installer as a "DRM" placement, y'all might wanna read this

https://www.reddit.com/r/flightsim/comme..._a_chrome/
Reply
#2
[Image: warning.png]

Anti-piracy systems and DRM come in all shapes and sizes, none of them particularly popular, but one deployed by flight sim company FlightSimLabs is likely to go down in history as one of the most outrageous.

It all started yesterday on Reddit when Flight Sim user ‘crankyrecursion’ reported a little extra something in his download of FlightSimLabs’ A320X module.

“Using file ‘FSLabs_A320X_P3D_v2.0.1.231.exe’ there seems to be a file called ‘test.exe’ included,” crankyrecursion wrote.

“This .exe file is from http://securityxploded.com and is touted as a ‘Chrome Password Dump’ tool, which seems to work – particularly as the installer would typically run with Administrative rights (UAC prompts) on Windows Vista and above. Can anyone shed light on why this tool is included in a supposedly trusted installer?”

The existence of a Chrome password dumping tool is certainly cause for alarm, especially if the software had been obtained from a less-than-official source, such as a torrent or similar site, given the potential for third-party pollution.

However, with the possibility of a nefarious third-party dumping something nasty in a pirate release still lurking on the horizon, things took an unexpected turn. FlightSimLabs chief Lefteris Kalamaras made a statement basically admitting that his company was behind the malware installation.

“We were made aware there is a Reddit thread started tonight regarding our latest installer and how a tool is included in it, that indiscriminately dumps Chrome passwords. That is not correct information – in fact, the Reddit thread was posted by a person who is not our customer and has somehow obtained our installer without purchasing,” Kalamaras wrote.

“[T]here are no tools used to reveal any sensitive information of any customer who has legitimately purchased our products. We all realize that you put a lot of trust in our products and this would be contrary to what we believe.

“There is a specific method used against specific serial numbers that have been identified as pirate copies and have been making the rounds on ThePirateBay, RuTracker and other such malicious sites,” he added.

In a nutshell, FlightSimLabs installed a password dumper onto ALL users’ machines, whether they were pirates or not, but then only activated the password-stealing module when it determined that specific ‘pirate’ serial numbers had been used which matched those on FlightSimLabs’ servers.

“Test.exe is part of the DRM and is only targeted against specific pirate copies of copyrighted software obtained illegally. That program is only extracted temporarily and is never under any circumstances used in legitimate copies of the product,” Kalamaras added.

That didn’t impress Luke Gorman, who published an analysis slamming the flight sim company for knowingly installing password-stealing malware on users machines, even those who purchased the title legitimately.


Password stealer in action (credit: Luke Gorman)

[Image: pass-steal-e1519054012686.png]


Making matters even worse, the FlightSimLabs chief went on to say that information being obtained from pirates’ machines in this manner is likely to be used in court or other legal processes.

“This method has already successfully provided information that we’re going to use in our ongoing legal battles against such criminals,” Kalamaras revealed.

While the use of the extracted passwords and usernames elsewhere will remain to be seen, it appears that FlightSimLabs has had a change of heart. With immediate effect, the company is pointing customers to a new installer that doesn’t include code for stealing their most sensitive data.

“I want to reiterate and reaffirm that we as a company and as flight simmers would never do anything to knowingly violate the trust that you have placed in us by not only buying our products but supporting them and FlightSimLabs,” Kalamaras said in an update.

“While the majority of our customers understand that the fight against piracy is a difficult and ongoing battle that sometimes requires drastic measures, we realize that a few of you were uncomfortable with this particular method which might be considered to be a bit heavy handed on our part.  It is for this reason we have uploaded an updated installer that does not include the DRM check file in question.”

To be continued………


Source: TF, for the latest info on copyright, file-sharing, torrent sites and more.


Originally Published: Mon, 19 Feb 2018 15:55:27 +0000
source
Reply
#3
A320 maker FlightSimLabs stuffed it in order to fight pirates:   https://torrentfreak.com/flight-sim-comp...ds-180219/  

Now most of us remember the Sony privacy issues:   ttps://torrentfreak.com/sony-installs-rootkit-in-ps3-update-to-defeat-piracy-110202/

The wolves are out for us. Not only increasingly tracking and watching, but hacking us is a trend now. Companies, big or small, everybody want's a piece of our action!

This case was relatively easy to spot, but some tools will be (are) implanted or designed as part of the product / service.
We need new ways to pro-actively protect our privacy and security; current solutions won't do when the apps, the O.S. itself and services we use all are trying to screw us and hiding it - until privacy restriction becomes legal then we're screwed for sure.


We can say the industry is swapping roles with pirates. Who will help next decade?

Moe edited Feb 19, 2018 15:45 pm this post because:

Duplicate threads merged

Reply
#4
Meanwhile in the FSLabs HQ


Reply
#5
(Feb 19, 2018, 15:31 pm)dueda Wrote: A320 maker FlightSimLabs stuffed it in order to fight pirates:   https://torrentfreak.com/flight-sim-comp...ds-180219/  

Now most of us remember the Sony privacy issues:   ttps://torrentfreak.com/sony-installs-rootkit-in-ps3-update-to-defeat-piracy-110202/

The wolves are out for us. Not only increasingly tracking and watching, but hacking us is a trend now. Companies, big or small, everybody want's a piece of our action!

This case was relatively easy to spot, but some tools will be (are) implanted or designed as part of the product / service.
We need new ways to pro-actively protect our privacy and security; current solutions won't do when the apps, the O.S. itself and services we use all are trying to screw us and hiding it - until privacy restriction becomes legal then we're screwed for sure.


We can say the industry is swapping roles with pirates. Who will help next decade?

I can see why people hated Sony for the Audio-CD rootkit that got installed on Windows computers. But on their own "tightly closed" ps3 hardware and software? What kind of damage can that make that the Sony's own software already couldn't?
Reply
#6
(Feb 20, 2018, 09:49 am)Q91 Wrote:
(Feb 19, 2018, 15:31 pm)dueda Wrote: ...remember the Sony privacy issues:   ttps://torrentfreak.com/sony-installs-rootkit-in-ps3-update-to-defeat-piracy-110202/  

We can say the industry is swapping roles with pirates. Who will help next decade?

I can see why people hated Sony for the Audio-CD rootkit that got installed on Windows computers. But on their own "tightly closed" ps3 hardware and software? What kind of damage can that make that the Sony's own software already couldn't?

Right, but my point is the privacy issue: Running a remote control with full priviledges in my living room?
I never signed up for that. And they don't tell beforehand - They may mention "updates", "necessary technicalities" and bla bla...

One thing is to monitor for threats - wrong anyway because it is my house; other is rootkit and all that obviously come with it.
And what if I like to hack and mod MY game box? Oh, wait, it is their product, their house, their rules... Dream on, Sony!

But my point is the repeating, constant trampling over our safety and privacy.
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  FSLabs A320 SimplySimplex4100 0 12,339 Jun 10, 2022, 13:27 pm
Last Post: SimplySimplex4100
  FSLabs A320 P3d V4.2 Badam3co 5 28,127 Jun 02, 2018, 15:17 pm
Last Post: jbravo



Users browsing this thread: 1 Guest(s)