Software

Flight Simulator's DRM fighter nosedives into Chrome's cache

Flight Sim Labs tips a bucket of fresh aviation fuel onto malware flames

By Richard Speed

64 SHARE

A Chrome password dump tool found in the latest update from Microsoft's Flight Simulator Add-On wrangler, Flight Sim Labs, has virtual pilots up in arms.

The download featured updates to the Airbus A320 model including improvements to the engine crank and flare mode logic and, er... a password harvester for Chrome.

Noted in a Reddit thread the A320X update file, FSLabs_A320X_P3D_v2.0.1.231.exe, contains a Chrome password dump tool which, since the installer typically runs with administrative rights, would be installed silently onto a user’s system to do its nefarious work.

Doubtless spurred on by the sound of lawyers sharpening knives, Flight Sim Labs rep Lefteris Kalamaras acted quickly by, er, pouring additional aviation fuel onto the flames with a post that first admitted the presence of the malware and then tried to justify it as a defence against piracy.

In an effort to track specific pirates, Flight Sim Labs decided to drop a harvesting tool into the installer that, upon detecting a specific combination of user, email, serial number and IP address, would slurp the user’s private information from Chrome’s cache and lob it in the direction of Flight Sim Labs.

The information could then be used to gain access to illicit web sites used by the game cracking community and be passed onto the authorities. Resulting, with luck, in a knock on the door by a member of the local constabulary.

Users of third party password managers, such as LastPass and its ilk, are unaffected since the harvesting tool in question only targets Chrome’s password cache.

Unfortunately for the Flight Sim Labs team, the only door likely to receive a knocking by the forces of law and order is their own. With UK and Greece-based team members, the company may find themselves at the sharp, pointy end of the UK Computer Misuse Act, which is pretty specific about unauthorised access to personal data as well as the impending EU-wide GDPR legislation, which is due to hit in May 2018.

Despite assurances by Flight Sim Labs that the password harvester would be automatically removed at the end of the setup and registration process, wannabe-pilots looking forward to taking a virtual commercial airliner out for a spin are understandably alarmed by the prospect of malware being stealthily installed on their machine.

Accordingly, refunds are now being requested.

The installer in question has since been removed in a bid to undo the undoubted damage caused to user trust.

Flight Sim Labs have proffered an apology for what they now regard as an “overly heavy-handed approach to our DRM installer efforts”. ®

Sign up to our NewsletterGet IT in your inbox daily

64 Comments

More from The Register

Microsoft Germany emerging from behind Deutsche Telekom cloud

Frankfurt, Berlin regions to launch end of 2019, T-Systems 'trustee' deal to be retired

Microsoft has signed up to the Open Invention Network. We repeat. Microsoft has signed up to the OIN

That 60,000 patents in your pocket or are you just pleased to see us?

Microsoft wants to cart your data away in a box and punt it onto Azure

Ignite 1PB of Fedex-able rack-on-rollers

Using Microsoft's Dynamics 365 Finance and Operations? Using Skype? Not for long!

Upcoming update could bork on-prem logins, warns Redmond

So what's Microsoft's counter-AWS cloud strategy? Don't be evil

Lil pupper yaps at big doge

IoT shouters Chirp get themselves added to Microsoft Azure IoT

Now your devices can join you in bellowing at Redmond's products

Microsoft adds delayed gratification to the Surface Hub 2 line

Ignite S version set for Q2 '19 debut, but full tiling pleasure on the X delayed

Robot Operating System gets the Microsoft treatment

RoTM What's that coming over the hill? Is it a robot? A Windows robot?

Microsoft gets edge on AWS with Azure Stack for government

Feds can now stick Redmond clouds into on-prem hardware

SoftwareONE goes Comparex: When one Microsoft reseller giant buys another

Two Redmond wranglers sitting in a tree...