Compliance Management, Malware, Privacy

Software vendor found placing malware in its own product

The company FlightSimLabs found itself in the odd position of having to remove malware it had installed on some versions of its software as part of the digital rights management package after it was discovered by a Redditor.

Redditor crankyrecursion found that FlightSimLabs Airbus A320 software came with a Chrome password dumping tool included that was capable of removing user names and passwords from any system on which it is running. The malware file was labeled Test.exe in the code.

The company not only did not deny this report, but its CEO Lefteris Kalamaras admitted that the malware was in place, but was needed to combat piracy.

“While the majority of our customers understand that the fight against piracy is a difficult and ongoing battle that sometimes requires drastic measures, we realize that a few of you were uncomfortable with this particular method which might be considered to be a bit heavy handed on our part,” he said.

Kalamaras also reiterated that the password finder was intended only to find out who was running pirated versions of its software titles and was never under any circumstances used in legitimate copies of the product.

“There is a specific method used against specific serial numbers that have been identified as pirate copies and have been making the rounds on ThePirateBay, RuTracker and other such malicious sites. If such a specific serial number is used by a pirate (a person who has illegally obtained our software) and the installer verifies this against the pirate serial numbers stored in our server database, it takes specific measures to alert us,” Kalamaras said in a blog post.

FlightSimLabs has since posted a version of Airbus A320 without the malware.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.