You are proceeding to a page containing mature content. Is this OK?

check Yes, show me everything
close No, hide anything sensitive

“Romancing” Eroge Virus Blackmails Pirates

kotonoha-through-screen

A cunning virus which masquerades as the installer to various pirated releases of popular software, especially adult games, was in fact part of a wider scheme to blackmail the pirates it caught into making payments if they wanted to have incriminating personal details removed from the web.

The virus itself has been spread on Japan’s top P2P networks Winny and Share, where it is disguised as a game installer and packaged in fake pirate releases of popular eroge (or in other popular targets of pirate interest).

The installer first asks for personal details as part of the installation process, which it sends to a remote site, after which it takes a screenshot of the user’s desktop and collects details such as file access and browser history, and sends all of this to the same site.

However, its mischief does not end there – once public, the user was presented with the sight of their details spread about on the web, and a form with which to request the details be taken down.

If the user was stupid enough to provide further contact details, the company would then send a threatening email demanding a small “settlement fee” to clear up the issue of their copyright infringement (none of which was anything more than opportunistic scam, of course).

The sites involved in this particular iteration of the scam have since been shut down, but not before some 5,500 people are thought to have been infected. Just how many went along with the blackmail and paid to save their name, and whether the blackmailers actually removed their details as a result, is not known.

The whole process has come to be known as the “Romancing swindle,” based on the name of a company supposedly involved, Romancing Corporation.

The story has even been picked up by the BBC, though at the time of writing their version is pathetically riddled with inaccuracies – “Winni,” it  is said, is used by “up to 200 million people” (larger than the entire population of Japan), and the virus “targets those downloading illegal copies of games in the Hentai genre, an explicit form of anime.”

lolicon-headteacher-apologises

The most famous victim of this particular iteration of the virus was the head teacher of a middle school caught pirating software and downloading what is thought to be child pornography.

Despite the scandal, he appears to have kept his job in spite of it being rather obvious his interest in his students may take a decidedly extramural turn.

doctor-desktop

Another case was the admin of the “PC Game Clinic,” a 10-year-old eroge review site carrying some 700 carefully prepared reviews, with the admin purportedly an eroge collector and connoisseur.

The admin/writer (or “doctor”) was exposed by the virus to be nothing more than a common pirate, and when confronted first claimed “a friend borrowed my notebook and installed it” – however the screenshots showed more storage than any notebook could ever contain, and 2ch soon gained access to his Mixi profile, confirming his identity, along with the whois details to the domain.

MINOLTA DIGITAL CAMERA

Frantic excuses and offers to show parts of his collection followed, but for some reason he could only get 5 games together. Soon his excuses stopped and he closed the site in what might be presumed to be shame at his deceitful hypocrisy, although he refused to admit wrongdoing (usually a major mistake when dealing with 2ch).

Such viruses in fact have a long history in Japan, generally having been employed for the perverse amusement of sites such as 2ch – voyeurism and vigilantism there combine in a sort of sport in which 2ch occupies itself periodically in attempting to destroy the life of someone it takes umbrage at.

However, in 2007 what may have been the first for-profit Winny virus was distributed, although in that case the fraud was much less sophisticated.

That the developers of such viruses eventually concocted a much more effective scheme by which they could extort money from their idiot victims is hardly surprising.

Leave a Comment

70 Comments

  • Sandalphon says:

    “The installer first asks for personal details as part of the installation process”

    That would have set off the highest level alarms in my brain. No pirate software needs my personal details for any purpose. I would have just deleted the damned thing asap an probably run an antivirus/ antispyware software.

  • You know, I would suspect something when the installer for anything but an office suite asked me for personal identity stuff as part of an install.

    To be blunt, you do NOT have to put that stuff into a LEGITIMATE installer…. at least not yet.

  • #1 – Downloads from Share
    #2 – Disables NIC
    #3 – ???
    #4 – Profit?

    Then again the fact that they actually entered personal information for a game installer leaves their knowledge to be highly suspect. Doing anything illegal? Well paranoia is your friend!

  • No.! Kotonoha!<3 HELL YEAH<3 No.2 I applaud rmancing corp. since piracy is a serious economic threat nowadays… people seem to accept that since you can get free entertainment it no longers matters what happens afterwards even if the sales are hurt as a result. No.3 the BBC needs to do it's homework it's giving people the wrong impression about anime and getting them mixed up with e roge

  • I notice you guys get extremely cranky when mentioning PS3/PSP/hell sony in general, piracy. But you all seem to not give a crap about eroge piracy.

    You are aware there is no actual difference? And don’t give me that crap waaah it’s not easily available to [insert country here], and that’s why I pirate eroge. Japanese friends, forums, proxies, there eroge piracy solved right? Didn’t think so.

    And for all of you who claim to have NEVER stolen anything aka being a pirate. Are you aware that downloading any picture off the internet without asking the owners permission is copyright infringement, unless it comes from public domain. Yes it actually is, here is an example : http://www.pdimages.com/law/19.htm

    And I can assure you Sankaku’s Image channel is not public domain.

    Youtube is a huge violation of copyright infringement, pictures(slide shows), videos/movies/episodes and music. I’m willing to bet everyone here has used youtube. And if you stream it, then your pirating.

    I don’t care about piracy, because I pirate, but I hate double standards. It’s either all fine or none of it is.

    • If you don’t care then STFU? Seems simple to me. I mean I’m sure you’ve been a hypocrite yourself at some stage in your life.

      The publishing argument is a valid one. If they aren’t willing to sell their games outside of Japan that’s their prerogative but they can’t really complain if I pirate the wares I can’t purchase.

      Now as you seem to be happy to continue making an arse of yourself I’ll address your other point.

      Unintentional copyright violation. Been on google recently? Yeah no doubt you’ve downloaded some copyrighted material at some stage just browsing through search results. I can safely say most of that infringement doesn’t actually matter. If the owner gave a damn they would see about protecting their copyright.

      When someone says they’ve never pirated something they mean they’ve never pirated commercial wares, that is things that costs monies to purchase. Yes you’re bound to come across copyrighted material but odds are the majority of it has no asking price and is just under the simple automatic copyright laws that may or may not apply in your country.

  • Out of the 1000 or so H-Game’s i own i have never came across one that has asked for personal detail’s to install
    so basic common sense would tell you something was up when one does and only an idiot would enter real detail’s into a pirated game

  • They must be pretty dumb to put their real info in a pirate installer.
    Heck I don’t even put my real info in a real legit installer.
    Still in US this would not last long as the host of the website would be visited by the FBI.
    The penalties for an identity theft and extortion scam like this are much worse then for simple software piracy.

  • That’s what VMs are good for. To test fakes. Real name or not, without network it cannot do much. And pirated games will not ask you to connect outside unless they’re MMO.

    Seriously, people trust software too much, pirated or not.

    • VMware is a good way to test an app.
      Another trick have a test HD and boot this while having your normal working HD disconnected.
      The test HD like the VMware image would be devoid of personal info.
      Have a firewall on the test machine that allows you to control which apps can access the net.

      A good hardware firewall also can be handy and watch your traffic with an app like Etherape on *nix and Wireshark on windows.
      This BTW is not a virus but instead a Trojan horse.
      A Trojan horse pretends to do something useful and may even be packaged with a useful app in this case as a delivery mechanism.
      A similar Trojan horse by the name of spy sheriff actually once posed as a spyware removal tool.
      In it reported a faked infection and tricked people into buying the full version to remove the infection.
      It would send their credit cards numbers to a server somewhere in eastern Europe.
      Any app that does not have an uninstaller is a trojan and do not give it any personal information the computer should be disconnected from the web and cleaned with a reputable virus scanner and spyware removal tool.
      AVG is free for a trial period of 60 days,Clam AV is free,and Adaware is a good free spyware cleaner.

      • well there’s a network emulator now for Assassin’s Creed II and my friend using it coz he’s a pirate.

        I can buy it but my ISP is fucked up(DRM needs stable connection BTW), so I will use the pirated AC II until I get a great ISP.

        • I ban any software that has that kind of DRM .
          I’ll never buy an Ubisoft game untill that DRM model is dropped.
          The best thing to do is not play it all and boycott them.
          If you have to play the rubbish pirate it but don’t give them your money.
          Companies like that deserve to go under.
          But if a company does not exhibit scumtastic behavior you should buy the game/app esp if it is fairly priced.

    • Sued they could face far worse then a law suit.
      If they are very lucky they’ll only get sued into bankruptcy.

      I’m not sure on the laws in Japan but extortion is a serious crime in other countries.
      They could possibly find themselves extradited to a foreign prison.

      • @Artefact 07:39

        Yes, and never fill those out, if I can avoid it. (I don’t need “personal” support.)

        On the installers I can’t skip past registering, or get nagged to death (i.e., Sun VirtualBox), I enter verifiable but bogus data.

    • Greetings good Sir or Madam,

      My name is Prince *insert niggerian sounding name* and I urgently need your help. For some very inexplicable reason, I need to deposit $15,000,000 (15 milion US dollars) into your bank account because it appears I’m in the only place in the world where bankers and government officials are not susceptible to corruption. However, my funds have been frozen and I need $10,000 from you to unfreeze them. Please send a check of $10,000 to my Ukrainian address where I’m in hiding right now so I can deposit all my money into the account of some random person on the internet. As you see, I’m more guilable than you. There is absolutely no reason to suspect me of fraud or anything.

      Yes, people still fall for that. The spammers don’t bombard your mailbox just to fuck with you.
      The lesson here is that you should never underestimate how stupid people are. Be happy that your parents have higher quality genes.

    • That just means before you fap, you need to keep that steel codpiece on until Kotonoha-chan goes away. When she disappears from the screen after bootup, whip it off and commence the Five Finger Knuckle Shuffle!

      Problem solved.

  • “targets those downloading illegal copies of games in the Hentai genre, an explicit form of anime.”

    Calling games “anime” is pretty stupid (with all the attention anime has been getting recently, it’s a shame that the average westerner still doesn’t know that anime is just what the japanese call animation and isn’t used to describe [i]all[/i] media from japan) but at least they’re acknowledging hentai as a genre and not using it synonymously with “anime”.

  • Shame on them for revealing personal information under these circumstances. How stupid can people get?

    On a side note – pirating is fun, everyone should do it. Nothing to be ashamed of. Just buy the stuff you liked, if you can.

    • In western torrent sites their files would be banned from many servers and they may face vigilante attacks.
      The web server hosting to public info would not remain up long as there are even rules of etiquette in the pirate community.

      • Well, yes, he’s a fool, regardless of whose computer was infected, isn’t it common sense to feed fake data to pirated game installers? Heck I’d feed fake data even I *bought* the game.

        Never give up personal information without a reason.

        But that’s just the basics. The other thing is running this shit in an emulator, there are free personal use pc emulators these days, eroge aren’t really hardware intensive and don’t require a net connection, you don’t have any reason not to run them in sandboxed environments.

        Given that copy protection systems are basically rootkits, just assume all games are trojans.

        • @Anon 07:59

          You’re right, there’s no excuse not to run stuff like that in a virtual machine. There are good, free VM systems out there.

          * Qemu (quite stable, command-line interface, runs on Windows, Linux, and OS/X; it also emulates non-x86 architectures)

          * VirtualBox (lots of nifty features, a nice GUI, runs on Windows, Linux, and OS/X, but between changes and regression bugs, less stable, I think, than Qemu)

          * Microsoft Virtual PC (it is what it is)

  • GG Hentai Pirates.

    On another note, the fact that the head teacher of a middle school was caught downloading CP is pretty amusing. I wonder why he’s teaching at a middle school, why not an elementary school?

    • CP is a very broad umbrella term. If his worst offense is 15yo schoolgirls, then that’s perfectly normal, medical wise (but not legal wise!).
      Paedophilia is attraction to very young children. There is a great manga about the subject that sankaku linked some months ago.

    • “On another note, the fact that the head teacher of a middle school was caught downloading CP is pretty amusing. I wonder why he’s teaching at a middle school, why not an elementary school?”

      Porn of middle school kids is still CP. A person is considered a child as long as they’re under 18.

      • Legally, yes. But when talking about CP, do you really expect it to feature 17-year-olds? Also, pedophiles are strictly interested in prepubescent children, you would expect child porn to have children of that age.

        It should also be noted that porn featuring adolescent children is legal in some countries.

      • They are scum but this not a virus but instead a trojan horse.
        If this is someone’s idea of vigilantism against pirates remember in countries like US and member states of the EU this carries a much higher penalty then piracy.
        It’s blackmail in the US and carries a maximum penalty of 14 years plus there is the computer trespassing laws.

        • poor guys just wanted porn games. don’t give personal info on bootleg shit. and if it isn’t an actual installer, then there is no crime. there was an incident in america i think, where a guy would make false child pornography photos. he would upload them on a p2p program with suggestive names. once they were downloaded, the guy tried to call the police on the person who downloaded the kiddy porn. the case wouldn’t hold water because downloading a threatining letter called kiddy porn isn’t illegal, and if he uploaded real child porn HE would get busted.

        • I saw this news ages ago for cross days, what could be worse than a virus stealing all your personal information. It would be worse when that information includes a game based on trasvestite 2d traps lmfao.

        • Then some other script-douchebag would come along to build a better mousetrap against that virus.

          Srsly, the only reason people make computer viruses is to stay in business.

          Sarcasm

          More money in making new viruses that the latest version of XXXXX Antivirus just happens to be proof against.

          /sarcasm