[Infowarrior] - Fake Game Installer Punishes Pirates Via Epic Privacy Breach

Tue Mar 23 12:52:10 UTC 2010

Fake Game Installer Punishes Pirates Via Epic Privacy Breach Written  
by enigmax on March 23, 2010
http://torrentfreak.com/fake-game-installer-punishes-pirates-via-epic-privacy-breach-100323

Over the years would-be game pirates have been targeted in a number of  
ways such as through draconian DRM schemes and even viruses. Now it  
appears that file-sharers who thought they were going to download a  
high-profile interactive erotic novel have been instead treated to a  
security and privacy breach of epic proportions.

Although probably not that popular with your average Western Modern  
Warfare 2 gamer, visual novels are very popular in Japan. Players  
watch and listen to a story and as it unfolds and are able to  
influence the outcome of the plot by making decisions which cause the  
game to branch.

These games often have erotic and downright sexual elements and Cross  
Days from developer 0verflow is no different. The game suffered  
several delays before release, apparently so that it could be launched  
along with a special, ahem, USB ‘hands-free’ device for experiencing  
‘climax scenes’ (NSFW: Male and female versions) but it was finally  
released just a few days ago.

Of course, not everyone would acquire the game through the official  
channels and many turned to file-sharing networks for their erotic  
gaming fix. Some, who were not particularly careful about the item  
they were downloading, were in for a pretty big shock.

Alongside the pirated versions of Cross Days can be found some  
software which claims to be the installer for the game, but is  
actually a piece of pretty vicious malware which appears to try to  
punish would-be pirates.

When run, the installer pretends to be the game but using personal  
information gathered from the victim’s computer (including IP  
address), it presents a survey which asks for more personal  
information – including their email address and password.

Once completed, the information is uploaded to a website for all the  
Internet to see – accompanied by a screenshot of the victim’s desktop.  
Samples of the information uploaded by the trojan can be viewed here  
and although much of it is in Japanese, there’s enough pictures and  
English text to entertain most readers and thoroughly embarrass the  
unlucky reader of Keily’s Plant.

Adding insult to injury, according to a report the installer’s terms  
of service agreement actually states that all these things happen, but  
as we all know, hardly anyone reads them.

Although it is possible to have the would-be pirate’s personal  
information taken down from the website, first the user has to  
effectively apologize for having tried to illegally download Cross Days.

Adding to the confusion, developer 0verflow are reporting that users  
of Avast! anti-virus software receive a false-positive warning (Win32:  
Trojan-gen) when installing the real game.

This isn’t the first time Japanese file-sharers have been targeted by  
malware writers. In 2007 a bizarre virus was released which threatened  
to kill people who illegally download using P2P.