Jump to content

FSLabs intentionally installing DRM that can steal your passwords

Arika
By Arika
in Tech News
 Share
Go to solution Solved by daned33,

EDIT: Added ArsTechnica and Motherboard links

 

This story now has an article from Rock Paper Shotgun, but has original post on reddit

 

 

https://www.rockpapershotgun.com/2018/02/19/flight-sim-group-put-malware-in-a-jet-and-called-it-drm/

 

Motherboard Vice: https://motherboard.vice.com/en_us/article/pamzqk/fs-labs-flight-simulator-password-malware-drm

Ars Technica: https://arstechnica.com/gaming/2018/02/flight-sim-devs-say-hidden-password-dump-tool-was-used-to-fight-pirates/

 


I personally own the said flight simulator aircraft and am absolutely appalled by FlightSimLabs' actions with this blatant spyware in their software, wether it be for pirates or not, they are distributing malware to all their customers.

 

FlightSimLabs added a Chrome password dumper to their installer, and if someone used a known pirate key their information would be sent to the developers.

 

The CEO, Lefteris Kalamaras of FlightSimLabs himself stated:

Quote

 

If such a specific serial number is used by a pirate (a person who has illegally obtained our software) and the installer verifies this against the pirate serial numbers stored in our server database, it takes specific measures to alert us… That program is only extracted temporarily and is never under any circumstances used in legitimate copies of the product. The only reason why this file would be detected after the installation completes is only if it was used with a pirate serial number (not blacklisted numbers).

This method has already successfully provided information that we’re going to use in our ongoing legal battles against such criminals.

 

 

Source: https://forums.flightsimlabs.com/index.php?/announcement/10-a320-x-drm-clarification/

 

Posted

Lawsuit in 3... 2... 1...

Current LTT F@H Rank: 90    Score: 2,503,680,659    Stats

Yes, I have 9 monitors.

My main PC (Hybrid Windows 10/Arch Linux):

OS: Arch Linux w/ XFCE DE (VFIO-Patched Kernel) as host OS, windows 10 as guest

CPU: Ryzen 9 3900X w/PBO on (6c 12t for host, 6c 12t for guest)

Cooler: Noctua NH-D15

Mobo: Asus X470-F Gaming

RAM: 32GB G-Skill Ripjaws V @ 3200MHz (12GB for host, 20GB for guest)

GPU: Guest: EVGA RTX 3070 FTW3 ULTRA Host: 2x Radeon HD 8470

PSU: EVGA G2 650W

SSDs: Guest: Samsung 850 evo 120 GB, Samsung 860 evo 1TB Host: Samsung 970 evo 500GB NVME

HDD: Guest: WD Caviar Blue 1 TB

Case: Fractal Design Define R5 Black w/ Tempered Glass Side Panel Upgrade

Other: White LED strip to illuminate the interior. Extra fractal intake fan for positive pressure.

 

unRAID server (Plex, Windows 10 VM, NAS, Duplicati, game servers):

OS: unRAID 6.11.2

CPU: Ryzen R7 2700x @ Stock

Cooler: Noctua NH-U9S

Mobo: Asus Prime X470-Pro

RAM: 16GB G-Skill Ripjaws V + 16GB Hyperx Fury Black @ stock

GPU: EVGA GTX 1080 FTW2

PSU: EVGA G3 850W

SSD: Samsung 970 evo NVME 250GB, Samsung 860 evo SATA 1TB 

HDDs: 4x HGST Dekstar NAS 4TB @ 7200RPM (3 data, 1 parity)

Case: Sillverstone GD08B

Other: Added 3x Noctua NF-F12 intake, 2x Noctua NF-A8 exhaust, Inatek 5 port USB 3.0 expansion card with usb 3.0 front panel header

Details: 12GB ram, GTX 1080, USB card passed through to windows 10 VM. VM's OS drive is the SATA SSD. Rest of resources are for Plex, Duplicati, Spaghettidetective, Nextcloud, and game servers.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
3 minutes ago, Sniperfox47 said:

Is this even a legit company making flight sims?

 

I just tried going to their site on mobile and almost immediately got an immediate redirect popup to super shady "you've won a prize!" ad, that wouldn't let me go back to their site.

Haven't experienced that issue. You're going to flightsimlabs.com right?

PLEASE QUOTE ME IF YOU ARE REPLYING TO ME

Desktop Build: Ryzen 7 2700X @ 4.0GHz, AsRock Fatal1ty X370 Professional Gaming, 48GB Corsair DDR4 @ 3000MHz, RX5700 XT 8GB Sapphire Nitro+, Benq XL2730 1440p 144Hz FS

Retro Build: Intel Pentium III @ 500 MHz, Dell Optiplex G1 Full AT Tower, 768MB SDRAM @ 133MHz, Integrated Graphics, Generic 1024x768 60Hz Monitor


 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

I own the Airbus 320 model by them for P3D, and paid around 160USD.

 

I can tell you it's the best thing you can get for your money, it's considered as a "Study Level sim" so all the systems and flight computer and controls are modelled and programmed to their real life counterpart.

 

but this is such a shady thing that they've done.

 

They've lost my trust and money as a future customer.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

That kind of thing that prevents you from even buying the legit copy since all points out to rather insecurity.

Personal Desktop":

CPU: Intel Core i7 10700K @5ghz |~| Cooling: bq! Dark Rock Pro 4 |~| MOBO: Gigabyte Z490UD ATX|~| RAM: 16gb DDR4 3333mhzCL16 G.Skill Trident Z |~| GPU: RX 6900XT Sapphire Nitro+ |~| PSU: Corsair TX650M 80Plus Gold |~| Boot:  SSD WD Green M.2 2280 240GB |~| Storage: 1x3TB HDD 7200rpm Seagate Barracuda + SanDisk Ultra 3D 1TB |~| Case: Fractal Design Meshify C Mini |~| Display: Toshiba UL7A 4K/60hz |~| OS: Windows 10 Pro.

Luna, the temporary Desktop:

CPU: AMD R9 7950XT  |~| Cooling: bq! Dark Rock 4 Pro |~| MOBO: Gigabyte Aorus Master |~| RAM: 32G Kingston HyperX |~| GPU: AMD Radeon RX 7900XTX (Reference) |~| PSU: Corsair HX1000 80+ Platinum |~| Windows Boot Drive: 2x 512GB (1TB total) Plextor SATA SSD (RAID0 volume) |~| Linux Boot Drive: 500GB Kingston A2000 |~| Storage: 4TB WD Black HDD |~| Case: Cooler Master Silencio S600 |~| Display 1 (leftmost): Eizo (unknown model) 1920x1080 IPS @ 60Hz|~| Display 2 (center): BenQ ZOWIE XL2540 1920x1080 TN @ 240Hz |~| Display 3 (rightmost): Wacom Cintiq Pro 24 3840x2160 IPS @ 60Hz 10-bit |~| OS: Windows 10 Pro (games / art) + Linux (distro: NixOS; programming and daily driver)
Link to comment
Share on other sites
Link to post
Share on other sites
Posted
3 minutes ago, rcmaehl said:

Haven't experienced that issue. You're going to flightsimlabs.com right?

Yup. Chrome 64 on Android 8.1.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
2 minutes ago, Princess Cadence said:

That kind of thing that prevents you from even buying the legit copy since all points out to rather insecurity.

Right. It's like hey all video cards will now have bombs. We're only going to detonate them if we think you stole it.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

Headed over to their forums.

 

50% of the posts are people who are 'sitting on the fence' thinking its justified

30% of the posts are people outraged and demanding explanations. 

The other 20% of users are saying "Well, I'm a legitimate customer, so this dosen't affect me in any way, and what the company did is completely legal, and if you think this is bad, then you are defending pirates which is worse than stealing your passwords" 

giphy.gif

While the devlopers are literally saying: 

Quote

 

You have malware? 

Do not bother responding as i actually know the answer to that

 

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

stealing all your passwords because someone pirated a game is like shooting someone in the head because they stole a stick of gum. Apart from that putting malware/spiware/etc... on the PC's of legit buyers to catch pirates is in the same league.

 

.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

wait a minute... someone actually paid 100USD for an airplane in Microsoft Airplane Simulator. Sweet mother of good :o

 

That's even worst then stealing all your passwords, this is a step down xD

.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
Just now, asus killer said:

wait a minute... someone actually paid 100USD for an airplane in Microsoft Airplane Simulator. Sweet mother of good :o

 

That's even worst then stealing all your passwords, this is a step down xD

Yeah, thats the worst part about flight sim, you buy an aircraft you like it, you buy more, etc haha, many wallets have been emptied out.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

Could be worse. Train Simulator on Steam has over $4000 in DLC 

 

image.png.de3537e2128c946a478ed840df08322c.png

PLEASE QUOTE ME IF YOU ARE REPLYING TO ME

Desktop Build: Ryzen 7 2700X @ 4.0GHz, AsRock Fatal1ty X370 Professional Gaming, 48GB Corsair DDR4 @ 3000MHz, RX5700 XT 8GB Sapphire Nitro+, Benq XL2730 1440p 144Hz FS

Retro Build: Intel Pentium III @ 500 MHz, Dell Optiplex G1 Full AT Tower, 768MB SDRAM @ 133MHz, Integrated Graphics, Generic 1024x768 60Hz Monitor


 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
34 minutes ago, rcmaehl said:

Could be worse. Train Simulator on Steam has over $4000 in DLC 

 

image.png.de3537e2128c946a478ed840df08322c.png

i dont think that litearlly steels passwords tho...

I spent $2500 on building my PC and all i do with it is play no games atm & watch anime at 1080p(finally) watch YT and write essays...  nothing, it just sits there collecting dust...

Builds:

The Toaster Project! Northern Bee!

 

The original LAN PC build log! (Old, dead and replaced by The Toaster Project & 5.0)

Spoiler

"Here is some advice that might have gotten lost somewhere along the way in your life. 

 

#1. Treat others as you would like to be treated.

#2. It's best to keep your mouth shut; and appear to be stupid, rather than open it and remove all doubt.

#3. There is nothing "wrong" with being wrong. Learning from a mistake can be more valuable than not making one in the first place.

 

Follow these simple rules in life, and I promise you, things magically get easier. " - MageTank 31-10-2016

 

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
8 hours ago, mr moose said:

Check out their about us page:

http://www.flightsimlabs.com/index.php/about-us/

 

If they aren't dodgy then no one is.

 

 

 

That's about 5 too many shades for me to trust them

We have a NEW and GLORIOUSER-ER-ER PSU Tier List Now. (dammit @LukeSavenije stop coming up with new ones)

You can check out the old one that gave joy to so many across the land here

 

Computer having a hard time powering on? Troubleshoot it with this guide. (Currently looking for suggestions to update it into the context of <current year> and make it its own thread)

Computer Specs:

Spoiler

Mathresolvermajig: Intel Xeon E3 1240 (Sandy Bridge i7 equivalent)

Chillinmachine: Noctua NH-C14S
Framepainting-inator: EVGA GTX 1080 Ti SC2 Hybrid

Attachcorethingy: Gigabyte H61M-S2V-B3

Infoholdstick: Corsair 2x4GB DDR3 1333

Computerarmor: Silverstone RL06 "Lookalike"

Rememberdoogle: 1TB HDD + 120GB TR150 + 240 SSD Plus + 1TB MX500

AdditionalPylons: Phanteks AMP! 550W (based on Seasonic GX-550)

Letterpad: Rosewill Apollo 9100 (Cherry MX Red)

Buttonrodent: Razer Viper Mini + Huion H430P drawing Tablet

Auralnterface: Sennheiser HD 6xx

Liquidrectangles: LG 27UK850-W 4K HDR

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

Pirates don't have that issue. Imagine that.

 

DRM is getting increasingly draconian, with no point whatsoever. Just look at playready 3, that requires outright hardware to play streams. It's just too much.

Watching Intel have competition is like watching a headless chicken trying to get out of a mine field

CPU: Intel I7 4790K@4.6 with NZXT X31 AIO; MOTHERBOARD: ASUS Z97 Maximus VII Ranger; RAM: 8 GB Kingston HyperX 1600 DDR3; GFX: ASUS R9 290 4GB; CASE: Lian Li v700wx; STORAGE: Corsair Force 3 120GB SSD; Samsung 850 500GB SSD; Various old Seagates; PSU: Corsair RM650; MONITOR: 2x 20" Dell IPS; KEYBOARD/MOUSE: Logitech K810/ MX Master; OS: Windows 10 Pro

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

Can't wait for the lawyers to get involved in this, they've already broken a UK law for one of the top of my head. 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

Looks like the data is being sent of HTTP too

 

https://www.fidusinfosec.com/fslabs-flight-simulation-labs-dropping-malware-to-combat-piracy/

PLEASE QUOTE ME IF YOU ARE REPLYING TO ME

Desktop Build: Ryzen 7 2700X @ 4.0GHz, AsRock Fatal1ty X370 Professional Gaming, 48GB Corsair DDR4 @ 3000MHz, RX5700 XT 8GB Sapphire Nitro+, Benq XL2730 1440p 144Hz FS

Retro Build: Intel Pentium III @ 500 MHz, Dell Optiplex G1 Full AT Tower, 768MB SDRAM @ 133MHz, Integrated Graphics, Generic 1024x768 60Hz Monitor


 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
10 minutes ago, SC2Mitch said:

Can't wait for the lawyers to get involved in this, they've already broken a UK law for one of the top of my head. 

its illegal in pretty much any western country. spreading malware in of itself and possibly illegal wiretapping in the US.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

The wonderful world of DRM

One day I will be able to play Monster Hunter Frontier in French/Italian/English on my PC, it's just a matter of time... 4 5 6 7 8 9 years later: It's finally coming!!!

Phones: iPhone 4S/SE | LG V10 | Lumia 920 | Samsung S24 Ultra

Laptops: Macbook Pro 15" (mid-2012) | Compaq Presario V6000

Other: Steam Deck

<>EVs are bad, they kill the planet and remove freedoms too some/<>

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
5 minutes ago, apm said:

its illegal in pretty much any western country. spreading malware in of itself and possibly illegal wiretapping in the US.

In the UK they've already broken the Misuse of Computers Act which could land their asses in the slammer for a year. 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
11 hours ago, Sierra Fox said:

3) If such a specific serial number is used by a pirate (a person who has illegally obtained our software) and the installer verifies this against the pirate serial numbers stored in our server database, it takes specific measures to alert us. "Test.exe" is part of the DRM and is only targeted against specific pirate copies of copyrighted software obtained illegally. That program is only extracted temporarily and is never under any circumstances used in legitimate copies of the product. The only reason why this file would be detected after the installation completes is only if it was used with a pirate serial number (not blacklisted numbers).

Incoming lawsuit.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
9 hours ago, Spotty said:

"Yes, your Honour, we have proof that it was him that pirated the content to our DLC plane in FSX . We used malicious software to steal his passwords and access his facebook and twitter account to harvest his personal information in order to identify him, which we believe we are morally allowed to do since he didn't pay for our add-on."

I cannot see how they could ever possibly think that any part of their plan would be beneficial. Legal proceedings alone against sole pirates are pointless - costing more for the company than what, if anything, they can recover through the courts from the pirate. Even if they do manage to find the person and identify them, most of the pirates would be in different countries around the world with different legal systems and courts. It would be a pointless endeavour for them to attempt to launch legal action against them all. They would be better off spending their time promoting their product to drive sales rather than hunting down those who are pirating it and attempting to reclaim the cost through the courts.


The real crime being committed here is the mod costs USD $99.95. No wonder people are pirating it.



5a8a86046c29d_ripoff.jpg.14b7edab62d5b354f5a25664e11309bd.jpg

 

That's for the FSX version. The Prepar3D version costs $139.95...

Link to comment
Share on other sites
Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing Tech News

×