Flight Simulator expansion has a new feature: password-stealing DRM

Posted on February 24, 2018

Digital Rights Management (DRM) software has been a rising trend. Once again though the anti-piracy measures has hit a new low. The latest expansion for Microsoft Flight Simulator X contains “Chrome Password Dump”. A program that can steal usernames and passwords.

DRM software in gaming is by no means a new technology. Generally used to discourage piracy, DRM has come under fire for numerous reasons. Increased money and manpower for DRM drives up prices. DRM can require always online players, meaning a less than perfect connection can kick you out of a game. DRM can also incorrectly attribute paying customers as pirates and render their games unusable.

Some people even suggest the rise of DRM may encourage some paying customers to buy pirated games to avoid it. Overall, not the best reputation. But why would the developer, Flight Sim Labs, go so far as to take user information?

Microsoft Flight Simulator X screenshot

It all started with a Reddit post on the flightsim subreddit. The original poster found the malicious file in the installer for the A-320X expansion for Microsoft Flight Simulator X.  Being a trusted installer of a well-received game, it seemed to be some sort of crazy mistake. Why else would such a game include a piece of a malware? Well, apparently as a weapon in the fight against piracy.

In a post clarifying their position, FSLabs Technical Director Lefteris Kalamaras claimed that only the pirates should be worried. “There are no tools used to reveal any sensitive information of any customer who has legitimately purchased our products.” said Kalamaras in his post. “We all realize that you put a lot of trust in our products and this would be contrary to what we believe.” He also claimed that the original poster had obtained the game illegally.

The offending programme is a simple text.exe file, located in the installer file. Upon installation of the game, a serial number must be applied.  FSLabs has blacklisted some numbers common to piracy sites such as ThePirateBay. When one of these numbers is used, the executable file runs and sends the private information to FSLabs.  Kalamaras intends to use such information in FSLab’s  “ongoing legal battles against such criminals”. Having said that, whether or not such evidence is even admissible in a court of law is not clear.

Microsoft Flight Simulator X screenshot

Of course, there has been a negative response to such a brazen use of DRM to catch offenders out. FSLabs whilst intending to catch pirates did not disclose information regarding their installer prior to launch. Customers have voiced their outrage and Kalamaras has talked to the press regarding the backlash. In an interview he said he is quite aware that this didn’t sit well with the fans. Whilst he still thought the intent to stop pirates was worth the backlash, he still sympathises with the customers hurt by this move.

In the blowback, customers have been given options to avoid any potential issues. Many people have requested refunds, and Kalamaras has indicated he is willing to offer refunds for the next few weeks. Otherwise, new customers wishing to avoid the malware altogether can now use a test.exe-free clean installer.