It’s an anti-piracy tool, parent company says

Feb 20, 2018 12:17 GMT

A Microsoft Flight Simulator DLC from Flight Sim Labs (known as FSLabs) shipped with an executable file that was used to extract Google Chrome usernames and passwords and then upload them to the parent company’s own servers.

The controversial file, called text.exe and bundled into the legitimate installer FSLabs_A320X_P3D_v2.0.1.231.exe, is described as a Chrome Password Dump tool that requires administrator privileges on any Windows version in order to gather the usernames and passwords. The file is flagged as malware by the majority of Windows security solutions.

But Lefteris Kalamaras, founder of FSLabs, says the purpose of the file is actually to help the company fight software pirates, as text.exe only collects data from computers that are running pirated versions of Flight Simulator. To determine whether a specific install of the game is pirated, the file checks the serial number against a database of serial numbers known to be used by copies distributed on sites like The Pirate Bay.

“If such a specific serial number is used by a pirate (a person who has illegally obtained our software) and the installer verifies this against the pirate serial numbers stored in our server database, it takes specific measures to alert us,” Kalamaras explains.

What happens with users’ data?

The FSLabs executive guarantees that no data is extracted from systems running genuine copies of the game, and says that this only takes place temporarily. Despite this, however, FSLabs has released a new installer that does not include the controversial password-stealing file.

“While the majority of our customers understand that the fight against piracy is a difficult and ongoing battle that sometimes requires drastic measures, we realise that a few of you were uncomfortable with this particular method which might be considered to be a bit heavy handed on our part,” Kalamaras said.

The FSLabs founder, however, hasn’t addressed the more important questions: what happens with users’ data after it’s uploaded to the company’s servers, and how exactly the whole process works, in particular whether any encryption is used.

In the meantime, some users are asking for refunds, citing the breach of trust as the main reason, but it turns out that the company replies to customers to inform them that the installer has been updated without directly issuing a refund.