• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • April 15th, 2021
  • Home
  • Advertise
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
Home
Surveillance
Privacy

Flight Sim Lab installed Chrome passwords stealer in piracy check tool

February 20th, 2018 Waqas Security, Malware, Privacy 0 comments
Flight Sim Lab installed Chrome passwords stealer in piracy check tool
Share on FacebookShare on Twitter

Flight Simulator Lab is caught secretly installing a software which steals Chrome passwords from the browser while checking if the user has installed a pirated copy of their software.

Over the years there have been many DRM (Digital rights management) schemes, some of which were quite intriguing but not as much as this one that we are now going to reveal to you. As per the findings of Reddit user Crankyrecursion, the studio specializing in the development of flight simulator’ custom add-ons, FlightSimLabs or FSLaba, is involved in the secret installation of a program to assess if the user is running a pirated version of their software. This program is installed on user’s computers and happens to be a Chrome Password Dump tool. Crankyrecursion revealed his findings on February 18th.

As per a report on TorrentFreak, the program is designed to initiate a procedure that allowed FlightSimLabs to steal usernames and passwords from the web browsers of unsuspecting computer users. Indeed it is an excellent DRM scheme since the code is built-in to the FSLabs’ A320-X, which is an expansion for Microsoft Flight Simulator X.

It is rather ironic that instead of challenging the findings or denying it categorically, FlightSlimLabs’ boss Lefteris Kalamaras admitted that the code is there but it has been designed to be used on pirated versions of their software only. So, this means it is not a technical glitch or vulnerability but the software is meant to be there.

Flight Simulator Lab installed Chrome password stealer in piracy check tool

Software stealing passwords from Chrome browser

User Luke Gorman proved after breaking-down the Text.exe that anyone paying for FSLabs’ A320 module will be having this program installed on the computers without their consent or knowledge. Since the program can steal passwords, therefore, it can be termed as malware. The program not only asks the user to disable anti-virus while it is being installed but also is unable to protect their passwords.

Kalamaras has denied that the tool performs indiscriminate dumping of Chrome passwords. He added that: “there are no tools used to reveal any sensitive information of any customer who has legitimately purchased our products.” Basically, the software is there to notify the firm whenever the expansion is installed through pirated serial numbers. Kalamaras also noted that ‘Test.exe’ is a part of the DRM; its main targets are pirated versions of copyrighted software that are illegally obtained. The software is extracted temporarily only and is not used on legal copied of their product.

A cyber-security firm Fidus Information Security also approved the assessment and stated that although the company provided detailed information about their product there is no mentioning of the password dumping tool or text.exe.

“We can conclude the password dumping tool (test.exe) is only called when a fraudulent serial is used,” wrote Fidus.

However, Fidus has questioned about the protection of stored data and the reason behind transferring of the data over HTTP when it is encoded with B64 and whether it is legally allowed for a firm to do something like this. According to the founder of Fidus, Andrew Mabbit, the presence of malware as a password dumper in a trusted installed just to combat piracy is nothing short of “insanity.”

“When run, the program extracts all saved usernames and passwords from the Chrome browser and appears to send them to FSLabs. This is by far one of the most extreme, and bizarre, methods of Digital Rights Management (DRM) we’ve ever seen,” stated Mabbit while speaking with Motherboard.

Being wary of the criticism the company received after the revelation of the presence of password dumping tool, FSLabs released an update installer minus the malware on February 19th followed by a fresh statement from Kalamaras that read:

“While the majority of our customers understand that the fight against piracy is a difficult and ongoing battle that sometimes requires drastic measures, we realize that a few of you were uncomfortable with this particular method which might be considered to be a bit heavy handed on our part. It is for this reason we have uploaded an updated installer that does not include the DRM check file in question.”

The statement also contained another apology from FSLabs: “We have already replaced the installer in question and can only promise you that we will do everything in our power to rectify the issue with those who feel offended, as well as never use any such heavy-handed approach in the future. Once again, we humbly apologize!”

  • Tags
  • Chrome
  • gaming
  • internet
  • Malware
  • Password
  • Privacy
  • security
  • Spyware
  • Technology
Facebook Twitter LinkedIn Pinterest
Previous article Dark Web's worst pedophile sentenced to 32 years in prison
Next article Hackers Exploit Tegra Chipset Flaw to Run Linux OS on Nintendo Switch
Waqas

Waqas

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

Related Posts
Unpatched MS Exchange servers hit by cryptojacking malware

Unpatched MS Exchange servers hit by cryptojacking malware

Indian supply-chain giant Bizongo exposed 643GB of sensitive data

Indian supply-chain giant Bizongo exposed 643GB of sensitive data

FBI accessing computers across US to remove malicious web shells

FBI accessing computers across US to remove malicious web shells

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

Latest Posts
Unpatched MS Exchange servers hit by cryptojacking malware
Security

Unpatched MS Exchange servers hit by cryptojacking malware

Indian supply-chain giant Bizongo exposed 643GB of sensitive data
Leaks

Indian supply-chain giant Bizongo exposed 643GB of sensitive data

FBI accessing computers across US to remove malicious web shells
Security

FBI accessing computers across US to remove malicious web shells

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us