Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
Password Stealing Malware Discovered in Microsoft Flight Simulator DLC
#1
http://news.softpedia.com/news/password-...9868.shtml      Password Stealing Malware Discovered in Microsoft Flight Simulator DLC

It’s an anti-piracy tool, parent company says
Feb 20, 2018 12:17 GMT  ·  By Bogdan Popa ·  Share:      
A Microsoft Flight Simulator DLC from Flight Sim Labs (known as FSLabs) shipped with an executable file that was used to extract Google Chrome usernames and passwords and then upload them to the parent company’s own servers.

The controversial file, called text.exe and bundled into the legitimate installer FSLabs_A320X_P3D_v2.0.1.231.exe, is described as a Chrome Password Dump tool that requires administrator privileges on any Windows version in order to gather the usernames and passwords. The file is flagged as malware by the majority of Windows security solutions.

But Lefteris Kalamaras, founder of FSLabs, says the purpose of the file is to actually help them fight against software pirates, as text.exe only collects data from computers that are running pirated versions of Flight Simulator. To determine whether a specific install of the game is pirated or not, the file checks for a database of serial numbers known for being used by copies distributed on sites like The Pirate Bay.

“If such a specific serial number is used by a pirate (a person who has illegally obtained our software) and the installer verifies this against the pirate serial numbers stored in our server database, it takes specific measures to alert us,” Kalamaras explains.

What happens with users’ data?
The FSLabs executive guarantees that no data is extracted from systems running genuine copies of the game, and says that this only takes place temporarily. Despite this, however, FSLabs has released a new installer that does not include the controversial password-stealing file.

“While the majority of our customers understand that the fight against piracy is a difficult and ongoing battle that sometimes requires drastic measures, we realise that a few of you were uncomfortable with this particular method which might be considered to be a bit heavy handed on our part,” Kalamaras said.

The FSLabs founder, however, hasn’t addressed more important questions, as to what happens with users’ data after it’s uploaded to their own servers, and how exactly the whole thing happens, especially if any encryption system is being used.

In the meantime, some users are asking for refunds invoking the breaking of trust as the main reason, but it turns out that the company replies to customers to inform them that the installed has been updated without directly issuing a refund.
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Hackers now use Microsoft OneNote attachments to spread malware tarekma7 0 614 01-24-2023 , 10:21 AM
Last Post: tarekma7
  Password recovery tool infects industrial systems with Sality malware tarekma7 0 614 07-17-2022 , 09:32 AM
Last Post: tarekma7
  Password-Stealing Windows Malware has been Discovered mrtrout 0 748 07-24-2021 , 02:32 AM
Last Post: mrtrout
  U.S. DOJ warns of fake unemployment benefit websites stealing data Bjyda 0 972 03-07-2021 , 10:59 PM
Last Post: Bjyda
  Microsoft: We're cracking down on malware that uses Excel macros Bjyda 0 984 03-05-2021 , 12:26 AM
Last Post: Bjyda

Forum Jump:


Users browsing this thread: 1 Guest(s)