A Chrome password dump tool found in the latest update from Microsoft's Flight Simulator Add-On wrangler, Flight Sim Labs, has virtual pilots up in arms.
The download featured updates to the Airbus A320 model including improvements to the engine crank and flare mode logic and, er... a password harvester for Chrome.
As noted in a Reddit thread, the A320X update file, FSLabs_A320X_P3D_v22.214.171.124.exe, contains a Chrome password dump tool which, since the installer typically runs with administrative rights, would be installed silently onto a user’s system to do its nefarious work.
Doubtless spurred on by the sound of lawyers sharpening knives, Flight Sim Labs rep Lefteris Kalamaras acted quickly by, er, pouring additional aviation fuel onto the flames with a post that first admitted the presence of the malware and then tried to justify it as a defence against piracy.
In an effort to track specific pirates, Flight Sim Labs decided to drop a harvesting tool into the installer that, upon detecting a specific combination of user, email, serial number and IP address, would slurp the user’s private information from Chrome’s cache and lob it in the direction of Flight Sim Labs.
The information could then be used to gain access to illicit web sites used by the game cracking community and be passed on to the authorities, resulting, with luck, in a knock on the door by a member of the local constabulary.
Users of third party password managers, such as LastPass and its ilk, are unaffected since the harvesting tool in question only targets Chrome’s password cache.
Unfortunately for the Flight Sim Labs team, the only door likely to receive a knocking by the forces of law and order is their own. With UK and Greece-based team members, the company may find themselves at the sharp, pointy end of the UK Computer Misuse Act, which is pretty specific about unauthorised access to personal data, as well as the impending EU-wide GDPR legislation, which is due to hit in May 2018.
Despite assurances by Flight Sim Labs that the password harvester would be automatically removed at the end of the setup and registration process, wannabe-pilots looking forward to taking a virtual commercial airliner out for a spin are understandably alarmed by the prospect of malware being stealthily installed on their machine.
Accordingly, refunds are now being requested.
The installer in question has since been removed in a bid to undo the undoubted damage caused to user trust.
Flight Sim Labs have proffered an apology for what they now regard as an “overly heavy-handed approach to our DRM installer efforts”. ®