Over the years would-be game pirates have been targeted in a number of ways such as through draconian DRM schemes and even viruses. Now it appears that file-sharers who thought they were going to download a high-profile interactive erotic novel have been instead treated to a security and privacy breach of epic proportions.
Although probably not that popular with your average Western Modern Warfare 2 gamer, visual novels are very popular in Japan. Players watch and listen to a story and as it unfolds and are able to influence the outcome of the plot by making decisions which cause the game to branch.
These games often have erotic and downright sexual elements and Cross Days from developer 0verflow is no different. The game suffered several delays before release, apparently so that it could be launched along with a special, ahem, USB ‘hands-free’ device for experiencing ‘climax scenes’ (NSFW: Male and female versions) but it was finally released just a few days ago.
Of course, not everyone would acquire the game through the official channels and many turned to file-sharing networks for their erotic gaming fix. Some, who were not particularly careful about the item they were downloading, were in for a pretty big shock.
Alongside the pirated versions of Cross Days can be found some software which claims to be the installer for the game, but is actually a piece of pretty vicious malware which appears to try to punish would-be pirates.
When run, the installer pretends to be the game but using personal information gathered from the victim’s computer (including IP address), it presents a survey which asks for more personal information – including their email address and password.
Once completed, the information is uploaded to a website for all the Internet to see – accompanied by a screenshot of the victim’s desktop. Samples of the information uploaded by the trojan can be viewed here and although much of it is in Japanese, there’s enough pictures and English text to entertain most readers and thoroughly embarrass the unlucky reader of Keily’s Plant.
Adding insult to injury, according to a report the installer’s terms of service agreement actually states that all these things happen, but as we all know, hardly anyone reads them.
Although it is possible to have the would-be pirate’s personal information taken down from the website, first the user has to effectively apologize for having tried to illegally download Cross Days.
Adding to the confusion, developer 0verflow are reporting that users of Avast! anti-virus software receive a false-positive warning (Win32: Trojan-gen) when installing the real game.
This isn’t the first time Japanese file-sharers have been targeted by malware writers. In 2007 a bizarre virus was released which threatened to kill people who illegally download using P2P.