Jump to content
Jon Skiffington

Malware in installer?

Recommended Posts

nabarun
Just now, Riccardo Masia said:

But even so, do you guys have any legal grounds to obtain passwords from users that are trying to install pirated software?

i 100% agree on you 

  • Like 1

Share this post


Link to post
Floris

Payed 100+ euros to fund a company doing illegal activities. Even when a serial is illegal, you cant just put malware on a pirates PC, it's illegal. Very dissappointed.

  • Like 6

Share this post


Link to post
Tobias Gruber

"your honor we illegally collected this data of a user who illegally downloaded our software" ....im sure they have legal securities in place but it still seems rather....untrustworthy.

Share this post


Link to post
klolhi

Even if it was for that right reason, there really is no legal right for them to do this. You'd expect this from some type of legal authority, but not from a software developer.

  • Like 1

Share this post


Link to post
Liam Giles
3 minutes ago, Lefteris Kalamaras said:

It's not being installed - only temporarily extracted (by the nature of the installer) and then removed as soon as the installer finishes. It is never used on legitimate customers, only on verified pirate serial numbers.

Couldn't this be done when a user enters their activation key on install? Flag up if a blacklisted key/order/email is used? I don't see the need for an extra executable here that just raises concerns.

  • Like 1

Share this post


Link to post
Pawel Chadaj

Guys, its a joke or what? Its totally illegal. You dont have  rights to do it.  I`ve bought your product for almost $150 and now i see this. Thanks.

  • Like 2
  • Thanks 1

Share this post


Link to post
Florian Niklas
1 minute ago, Lefteris Kalamaras said:

It's not being installed - only temporarily extracted (by the nature of the installer) and then removed as soon as the installer finishes. It is never used on legitimate customers, only on verified pirate serial numbers.

I've two questions:

1. Can you confirm, that this file isn't executed at all if i'm a legit customer? It is never called, my passwords don't get extracted and it doesn't transfer any private information to anyone?

2. Why would you execute that file if i'm not a legit customer (for what reason do you need passwords from the user just to confirm that the serial is illegal) and what happens to the private information (passwords) after the file got executed?

  • Like 2

Share this post


Link to post
Drawyah

Okay, so this does not happen to people who quote "legitimately purchased our products".

I'm personally not an FSLabs customer as of yet (looking into the Concorde) but what would be interesting to know is why dump passwords?

I get that test.exe is only run when a pirate copy of the add-on is used, but why passwords? What purpose does that serve and what happens next? Does this get sent back to your own servers to mess around with?

Messing around with pirate passwords is no more legal that playing with legitimate ones too...

  • Like 1

Share this post


Link to post
klolhi
Just now, Florian Niklas said:

I've two questions:

1. Can you confirm, that this file isn't executed at all if i'm a legit customer? It is never called, my passwords don't get extracted and it doesn't transfer any private information to anyone?

2. Why would you execute that file if i'm not a legit customer (for what reason do you need passwords from the user just to confirm that the serial is illegal) and what happens to the private information (passwords) after the file got executed?

Regardless of whether it executes while being a legit customer, it is still illegal.

  • Like 1

Share this post


Link to post
Evan Hardin

I'd be interested to hear from an attorney if that data (mined) is admissible in court. 

Share this post


Link to post
Matt Gardiner
1 minute ago, Evan Hardin said:

I'd be interested to hear from an attorney if that data (mined) is admissible in court. 

It doesn't take a lawyer to tell you that obtained info in that manner is not admissible.

  • Like 4

Share this post


Link to post
Mike Ionas
4 minutes ago, Riccardo Masia said:

But even so, do you guys have any legal grounds to obtain passwords from users that are trying to install pirated software?

Do users have the right to use software they haven't paid for? Almost all cracks/keygens are flagged by antivirus software as malicious, yet pirates still use them anyway, as it is the only way to use software they haven't paid for.

Legitimate customers are unaffected by any of this.

  • Like 3

Share this post


Link to post
klolhi
Just now, Mike Ionas said:

Do users have the right to use software they haven't paid for? Almost all cracks/keygens are flagged by antivirus software as malicious, yet pirates still use them anyway, as it is the only way to use software they haven't paid for.

Legitimate customers are unaffected by any of this.

Very true, but wouldn't it still be illegal to do something like this?

 

Share this post


Link to post
Lefteris Kalamaras
15 minutes ago, Lefteris Kalamaras said:

Hello all,

3) If such a specific serial number is used by a pirate (a person who has illegally obtained our software) and the installer verifies this against the pirate serial numbers stored in our server database, it takes specific measures to alert us. "Test.exe" is part of the DRM and is only targeted against specific pirate copies of copyrighted software obtained illegally. That program is only extracted temporarily and is never under any circumstances used in legitimate copies of the product. The only reason why this file would be detected after the installation completes is only if it was used with a pirate serial number.

 

Share this post


Link to post
Matt Gardiner
3 minutes ago, Mike Ionas said:

Do users have the right to use software they haven't paid for? Almost all cracks/keygens are flagged by antivirus software as malicious, yet pirates still use them anyway, as it is the only way to use software they haven't paid for.

Legitimate customers are unaffected by any of this.

But it's sadly open to exploitation by others if they could find a way to it. 

 

FSL really need to ensure and prove to legit customers that the file hasn't taken anything.

Edit: I trust FSL had great intention here and piracy is a cancer in the FS community, but this doesn't look great.

  • Like 1

Share this post


Link to post
Luca vom Bruch
5 minutes ago, Lefteris Kalamaras said:

It's not being installed - only temporarily extracted (by the nature of the installer) and then removed as soon as the installer finishes. It is never used on legitimate customers, only on verified pirate serial numbers.

Ok, but there needs to be a disclaimer that users agree to this?

Also; can't you just log the IP and then take that somewhere? I don't think extracting passwords is the way to go.

What exactly are you doing with the chrome passwords?

 

Share this post


Link to post
Stephen F
16 minutes ago, Lefteris Kalamaras said:

This method has already successfully provided information that we're using in our ongoing legal battles against such criminals.

This could easily be flipped around  now and genuine customers my feel betrayed by this admission 

  • Like 2

Share this post


Link to post
David Norfolk

Lefteris,  

My problem is that you guys ask us to verify your products on your forum hence why we got the “verified a320x customers” this doesn’t make much sense on why you need to access data like you have done if the products already been verified 

Regards 

 

 

Share this post


Link to post
Dean Johnston
1 minute ago, Stephen F said:

This could easily be flipped around  now and genuine customers my feel betrayed by this admission 

If he says it only installs that test.exe if a pirated serial is used by feel betrayal , you never will be affected by it in any form 

Share this post


Link to post
Matt Gardiner
Just now, DeanJohnston2717 said:

If he says it only installs that test.exe if a pirated serial is used by feel betrayal , you never will be affected by it in any form 

He pretty much admitted that it's installed on every PC no matter what, but is removed thereafter. 

So it does run if you're legit or not, that's the problem. 

  • Like 1

Share this post


Link to post
Evan Hardin
Just now, DeanJohnston2717 said:

If he says it only installs that test.exe if a pirated serial is used by feel betrayal , you never will be affected by it in any form 

To be honest I won't believe this until someone independently verifies that there is no trace on legitimate copies. 

Share this post


Link to post
João Gouveia
2 minutes ago, Matt Gardiner said:

He pretty much admitted that it's installed on every PC no matter what, but is removed thereafter. 

So it does run if you're legit or not, that's the problem. 

That's not what he said. He said it is extracted and only runs if it's a pirated copy. You can extract an executable file and not run it.

Share this post


Link to post
Mike Ionas
1 minute ago, David Norfolk said:

My problem is that you guys ask us to verify your products on your forum hence why we got the “verified a320x customers” this doesn’t make much sense on why you need to access data like you have done if the products already been verified 

David,

This only affects pirate copies and no data of legitimate users are accessed. The reason that verification is asked in the forums and the ticket system is to make sure that only legitimate customers receive support. You would be surprised at how many pirates request support although they haven't paid for the product they complain about.

  • Like 1

Share this post


Link to post
Stephen F
2 minutes ago, DeanJohnston2717 said:

This could easily be flipped around  now and genuine customers my feel betrayed by this admission 

Technically your affected once you run the installer  

Share this post


Link to post
Mike Ionas
2 minutes ago, Matt Gardiner said:

He pretty much admitted that it's installed on every PC no matter what, but is removed thereafter. 

It is not installed, only temporarily extracted, as Lefteris already said. There is a huge difference..

  • Like 2

Share this post


Link to post
Florian Niklas
11 minutes ago, klolhi said:

Regardless of whether it executes while being a legit customer, it is still illegal.

Absolutely! I just wanted to know how i'm affected (as a legit customer). It's unbelievable that the guys who are trying to hunt pirates are using illegal methods to do so.

  • Like 1

Share this post


Link to post
Matt Gardiner
1 minute ago, Mike Ionas said:

It is not installed, only temporarily extracted, as Lefteris already said. There is a huge difference..

Sorry my bad, please let it be shown I accept this and not my original statement.

  • Thanks 1

Share this post


Link to post
Scott Callaway
1 minute ago, Mike Ionas said:

It is not installed, only temporarily extracted, as Lefteris already said. There is a huge difference..

No, there is no difference. It shouldn't be put on the users computer in the first place.

 

You shouldn't be guilty until proven innocent. The devs should never expose your PC like that.

  • Like 1

Share this post


Link to post
Riccardo Masia
1 minute ago, Mike Ionas said:

It is not installed, only temporarily extracted, as Lefteris already said. There is a huge difference..

But the point is that malicious software is put on every user's pc, and only if you are using a pirated copy that software will be run. That doesn't sound right now, does it.

  • Like 1

Share this post


Link to post
Patrick Tinner

How do I know that my legit serial isn't blacklisted in your database?

  • Like 3

Share this post


Link to post
Florian Niklas
1 minute ago, Mike Ionas said:

It is not installed, only temporarily extracted, as Lefteris already said. There is a huge difference..

The question is not if it is removed after installation - the question is: Is this file ever executed if i'm a legit customer!

Share this post


Link to post
Lefteris Kalamaras
1 minute ago, Florian Niklas said:

Absolutely! I just wanted to know how i'm affected (as a legit customer). It's unbelievable that the guys who are trying to hunt pirates are using illegal methods to do so.

You're absolutely NOT affected at all. As I repeated before, there is nothing happening UNLESS your serial number has been verified to be a pirate serial number.

  • Like 1

Share this post


Link to post
Evan Hardin
1 minute ago, Patrick Tinner said:

How do I know that my legit serial isn't blacklisted in your database?

Good question. 

Share this post


Link to post
Pete Driver
1 minute ago, DeanJohnston2717 said:

If he says it only installs that test.exe if a pirated serial is used by feel betrayal , you never will be affected by it in any form 

At this point, there's no way to know whether or not there was any sort of accounting error that gets your personal key mistakenly placed in the "pirated key" list.   All trust has been violated.  The fact of the matter is that using a username and password collector as an anti-piracy tool is ILLEGAL.  

You're no better than the pirates you're defending against.   I don't know how you get out of this, but this was a terrible mistake on FSLabs part.  Good luck to you.

  • Like 9

Share this post


Link to post
Tony Williams
Quote

This method has already successfully provided information that we're using in our ongoing legal battles against such criminals.

FYI, five years ago Google was fined €150k for inadvertently illegally collecting snippets of e-mails and other personal data by collecting wi-fi data. I highly doubt your use of this tool is legal, or that the evidence it collects is in any way admissible.

It's a violation of everyone's trust to include this in the installer for legitimate customers, and therefore asking us to trust that it hasn't been run is ridiculous.

Quote

We will be happy to provide further information to ensure that no customer feels threatened by our security measures

I would like to know exactly what data this tool is collecting.

  • Like 2

Share this post


Link to post
Jouka Ahponen
Just now, Patrick Tinner said:

How do I know that my legit serial isn't blacklisted in your database?

If your legit serial has not made it's way to copies distributed illegally, there is no reason for fslabs to Blacklist it. They only blacklist serials they know are 100% pirated copies. That's what Lefteris said.

  • Like 1

Share this post


Link to post
João Gouveia
1 minute ago, Patrick Tinner said:

How do I know that my legit serial isn't blacklisted in your database?

If you bought it and you're the only one who uses it, why would it be blacklisted?

Share this post


Link to post
Lefteris Kalamaras
1 minute ago, Florian Niklas said:

The question is not if it is removed after installation - the question is: Is this file ever executed if i'm a legit customer!

I tried to be clear in my original announcement - there is nothing done if your serial number is legit.

Share this post


Link to post
Mike Ionas
1 minute ago, Florian Niklas said:

the question is: Is this file ever executed if i'm a legit customer!

And the answer is no.

Share this post


Link to post
Santiago Vegega

You should take down all installers you are distributing with malware immediately and replace them with malware-free installers.

Regardless of how mad pirates make you, doing illegal stuff yourselves is wrong. And you know that.

Every hour you continue to keep an infected installer will hurt your company more. Doesn't matter whether you think it's justified.

  • Like 7
  • Thanks 3

Share this post


Link to post
Lionel Bischof
1 minute ago, Patrick Tinner said:

How do I know that my legit serial isn't blacklisted in your database?

That's a good point. You're a verified user though so that'd be an even bigger problem on their side if any verified serial was blacklisted by "mistake"...

Share this post


Link to post
Dean Johnston

As long as users have purchased a legitimate  copy  there is nothing to worry about. there will be no malware on your computer

Share this post


Link to post
Lefteris Kalamaras
2 minutes ago, Patrick Tinner said:

How do I know that my legit serial isn't blacklisted in your database?

No legitimate purchased serial number is ever put on a pirate database. Why would it ever be?

Share this post


Link to post
David Norfolk
3 minutes ago, Mike Ionas said:

David,

This only affects pirate copies and no data of legitimate users are accessed. The reason that verification is asked in the forums and the ticket system is to make sure that only legitimate customers receive support. You would be surprised at how many pirates request support although they haven't paid for the product they complain about.

7 minutes ago, Mike Ionas said:

David,

This only affects pirate copies and no data of legitimate users are accessed. The reason that verification is asked in the forums and the ticket system is to make sure that only legitimate customers receive support. You would be surprised at how many pirates request support although they haven't paid for the product they complain about.

Mike, 

that makes sense 

 

Share this post


Link to post
Guest
This topic is now closed to further replies.

×
×
  • Create New...