Flight Simulator's DRM fighter nosedives into Chrome's cache

Flight Sim Labs tips a bucket of fresh aviation fuel onto malware flames

By Richard Speed

A Chrome password dump tool found in the latest update from Microsoft's Flight Simulator Add-On wrangler, Flight Sim Labs, has virtual pilots up in arms.

The download featured updates to the Airbus A320 model including improvements to the engine crank and flare mode logic and, er... a password harvester for Chrome.

As noted in a Reddit thread, the A320X update file, FSLabs_A320X_P3D_v2.0.1.231.exe, contains a Chrome password dump tool which, since the installer typically runs with administrative rights, would be installed silently onto a user’s system to do its nefarious work.

Doubtless spurred on by the sound of lawyers sharpening knives, Flight Sim Labs rep Lefteris Kalamaras acted quickly by, er, pouring additional aviation fuel onto the flames with a post that first admitted the presence of the malware and then tried to justify it as a defence against piracy.

In an effort to track specific pirates, Flight Sim Labs decided to drop a harvesting tool into the installer that, upon detecting a specific combination of user, email, serial number and IP address, would slurp the user’s private information from Chrome’s cache and lob it in the direction of Flight Sim Labs.

The information could then be used to gain access to illicit web sites used by the game cracking community and be passed on to the authorities, resulting, with luck, in a knock on the door by a member of the local constabulary.

Users of third-party password managers, such as LastPass and its ilk, are unaffected since the harvesting tool in question only targets Chrome’s password cache.

Unfortunately for the Flight Sim Labs team, the only door likely to receive a knocking by the forces of law and order is their own. With UK and Greece-based team members, the company may find itself at the sharp, pointy end of the UK Computer Misuse Act, which is pretty specific about unauthorised access to personal data, as well as the impending EU-wide GDPR legislation, which is due to hit in May 2018.

Despite assurances by Flight Sim Labs that the password harvester would be automatically removed at the end of the setup and registration process, wannabe-pilots looking forward to taking a virtual commercial airliner out for a spin are understandably alarmed by the prospect of malware being stealthily installed on their machine.

Accordingly, refunds are now being requested.

The installer in question has since been removed in a bid to undo the undoubted damage caused to user trust.

Flight Sim Labs have proffered an apology for what they now regard as an “overly heavy-handed approach to our DRM installer efforts”. ®
