FlightSimLabs Injected Virus Like DRM into its distribution

Published by

Click here to post a comment for FlightSimLabs Injected Virus Like DRM into its distribution on our message forum
#5521096
https://forums.guru3d.com/data/avatars/m/239/239932.jpg
Yeah, sure. Go ahead and erode trust. Retards.
#5521097
https://forums.guru3d.com/data/avatars/m/246/246564.jpg
Creating flight sim addons takes lots of time and effort. Some take many years and thousands if not tens of thousands of man hours to make. To top it all off, the market for them is tiny (compared to other games). That's why they're expensive, and subject to excessive piracy. I will never condone FSLabs methods, they are deserving of whatever scorn and boycott that may be coming their way, but I do understand where they're coming from.
#5521132
https://forums.guru3d.com/data/avatars/m/239/239932.jpg
Koniakki:

So many DRM related news and issues coming up lately..
Previous decade all over again.
#5521139
https://forums.guru3d.com/data/avatars/m/248/248994.jpg
I wonder what the person who came up with this was thinking. Maybe it was the legendary: "Nobody will ever notice."
#5521143
https://forums.guru3d.com/data/avatars/m/227/227994.jpg
Seems FSLabs are deleting topics and banning people, i guess they are trying to cover up.
#5521168
https://forums.guru3d.com/data/avatars/m/175/175902.jpg
TheDeeGee:

Seems FSLabs are deleting topics and banning people, i guess they are trying to cover up.
Sadly for them the FS users always stay packed and are very very very active (kind of a sect with virtual wings lol)... i guess it's the best way if FSLabs want to never ever sold a product... they better face the problem and found a solution.
#5521172
https://forums.guru3d.com/data/avatars/m/196/196284.jpg
mackintosh:

Creating flight sim addons takes lots of time and effort. Some take many years and thousands if not tens of thousands of man hours to make. To top it all off, the market for them is tiny (compared to other games). That's why they're expensive, and subject to excessive piracy. I will never condone FSLabs methods, they are deserving of whatever scorn and boycott that may be coming their way, but I do understand where they're coming from.
The amount of time and effort necessary to create a flight sim addon doesn't justify willful distribution of malware.... Especially not malware that has the potential to leave someone's billing and other personal information exposed. Also, FSLabs can't use that information to go after US based "pirates" as the data would be acquired using methods that are banned in the US and directly violate federal laws. Even bringing a case against a US based "pirate" using such information would be an admission of guilt on their part.
#5521173
https://forums.guru3d.com/data/avatars/m/56/56686.jpg
just more riduclously DRM crap going on. and DRM that steals "passwords" is just a no no
#5521180
https://forums.guru3d.com/data/avatars/m/196/196284.jpg
DRM that steals passwords isn't DRM.... It's malware.
#5521189
https://forums.guru3d.com/data/avatars/m/178/178348.jpg
I was just about to say the same, this is not DRM. This is malware, In the UK it almost certainly falls foul of the 1998 computer misuse act. Specifically using software to gain unauthorised access to computer material.
#5521197
https://forums.guru3d.com/data/avatars/m/258/258801.jpg
Big lawsuit incoming! Privacy lawyers everywhere suddenly see dollar signs in front of their eyes.
#5521201
https://forums.guru3d.com/data/avatars/m/202/202673.jpg
Yay...flight sim add-ons are somehow somewhat relevant again!!!
#5521224
https://forums.guru3d.com/data/avatars/m/196/196284.jpg
RzrTrek:

Did the developers sneak it into the EULA or are we talking about real malicious intent?
In some countries, it doesn't matter if it's in the EULA or not. The US is a good example. Even if it's in the EULA, it's still classified by the US Gov't as malware and it's still being willfully and intentionally distributed.
#5521257
https://forums.guru3d.com/data/avatars/m/189/189438.jpg
As usual people jump the gun...why shouldn't companies take drastic measures to protect there income, if people didnt pirate then there would not be the need for it.
#5521265
https://forums.guru3d.com/data/avatars/m/53/53598.jpg
The Goose:

As usual people jump the gun...why shouldn't companies take drastic measures to protect there income, if people didnt pirate then there would not be the need for it.
Even if we dodge the whole privacy and safety issues of what they did, why are they treating honest consumers in such a heavy handed manner, would you be happy to be accused of being a pirate until a games company can come over to your house and look through your PC contents before they class you as honest, it's not supposed to work that way, consumers who support the industry always seem to be the ones who are forced to jump through the hoops when in fact as supporters they should be having the best possible experience.
#5521277
https://forums.guru3d.com/data/avatars/m/196/196284.jpg
The Goose:

As usual people jump the gun...why shouldn't companies take drastic measures to protect there income, if people didnt pirate then there would not be the need for it.
This is not a "drastic measure". If I had purchased an add-on from FSLabs and found such a file on my PC, I'd be contacting my lawyer, local law enforcement and the FBI. Whether someone pirated their work or not, their reaction is criminal in nature. For those that allow Chrome to store passwords, their account information is being put at risk. If it's dumping all accounts/passwords stored, that may include financial websites, which is now a completely different set of criminal charges. From what I've seen thus far, FSLabs is nothing but a criminal organization at this point.
#5521307
https://forums.guru3d.com/data/avatars/m/209/209146.jpg
The Goose:

As usual people jump the gun...why shouldn't companies take drastic measures to protect there income, if people didnt pirate then there would not be the need for it.
DRM sure, protection the content they're creating is one thing and understandable but what sort of protection requires dumping the Chrome browser password database though. It's unrelated to the game and addon content entirely plus it's not valid evidence due to questionable (Or outright illegal.) means by which it was obtained so in that aspect it's useless as well. Feels more like this was done for other reasons and they're trying to cover it up but it's not really going very well for them unsurprisingly. Going by the discussion I read on ResetEra on this yesterday they've had other methods as well such as messing with folders on the users system and messing up texture addons for one thing which also goes beyond simple DRM and into malware. EDIT: From that Reddit thread, now there's a Frack-Up alright.
I work in InfoSec for a large company as a Security Architect I am involved with Incident Response First, this is illegal in many countries and states. They cannot distribute malware knowingly. Second, for the misguided who are buying the line that it is only pirated serial numbers that are affected. Every system that downloaded and ran the file should now be considered compromised. At my company, if this was done, those systems would be isolated, investigated and reimaged. Nobody can guarantee how the malware behaves that they installed. It very well could have left a ghost somewhere or when it is used could send the data via means the company could not detect. I seriously doubt they would look at DNS exfil or even know what it is. There is also the possibility some developer of another program dropped malware and stole your license number and now your copy is blacklisted. The data they exfiled is PII and there are lots of issues with taking it off a system. Was it transmitted in the clear? How are they storing the stolen data they pulled? What if they are compromised? How are they using the data? Have they shared the data? If so, how did they transmit the data and how is it stored? There are legal issues as well. They acknowledged they stole PII from users. This is illegal. Any data obtained through those methods are also not admissible in court. They are also open to being fined by, at the very least, the EU and the UK. For those legitimate users who say they have nothing to hide or worry about. You should be extremely worried. This company has done something very unethical and illegal. When they were caught doing it, they denied it initially, then they said they did it to fight piracy and, Oh, trust them, they don't execute it on legitimate customers. The issue with that is they already ruined that trust by putting malware on your system. You cannot trust this company when they say they do not run test.exe on legitimate copies. If you have had this installer executed on your system, it is my professional opinion you should reimage your system and change any passwords stored in Chrome. Also, use a password manager and do not store passwords in Chrome. Edit: More on the company trust. Keep in mind what they did is very unethical and illegal. In the coming weeks, they will be doing and saying anything to save their company. They are going to be assailed on multiple fronts with various agencies, Attorneys General, countries, and individuals investigating, prosecuting, and/or litigating. Edit2: This has blown up, as it should, but if you read the posts on the forums for FSL that they did not delete, the lack of awareness is absurd. Also, the data was exfiled with unencrypted transmission and the data was not encrypted either. To make matters worse, the target server is not behind a firewall and has RDP open to the world.
(That bolded part at the end about the lack of encryption, and a firewall. That's a huge problem.)
#5521313
https://forums.guru3d.com/data/avatars/m/68/68055.jpg
Whats next? Developers go full retard, and hijack the computer to mine some crypto currency as a reparation for pirated games?
#5521386
https://forums.guru3d.com/data/avatars/m/258/258664.jpg
I just wonder that none of those people using these programs knows / is an attourney to take them to court right away.

Next Page