The creator of the Space Invaders game that was categorised as a Trojan by Symantec has hit back at claims that it is malware.
Speaking with SC Magazine, ‘Lose/Lose' creator Zach Gage claimed that he was aware and actually happy that anti-virus vendors were detecting Lose/Lose as malware, even though Lose/Lose actually is not malware, since malware means maliciously designed software, and Lose/Lose was never designed to intentionally hurt people.
He described Lose/Lose as simply ‘potentially dangerous software', and said: “A lot of companies have decided it was malware, which I'm cool with, although I don't think it's accurate.
“To be honest, I may have made the mistake by releasing it without contacting anti-virus companies first, but considering nobody has ever emailed me upset about having lost files, I think it's pretty safe to say the warnings were sufficient.
“Now that there are warnings and anti-virus protection I don't think the game will accidentally hurt anyone. But as I said, it's not a Trojan, and I'm uncomfortable with it being used as part of Symantec's marketing in such an explosive fear-inspiring way.”
Symantec's senior information developer Ben Nahorney claimed that the game contained a Trojan, which was labelled as Trojan.Loosemaque that specifically targeted Mac users.
Nahorney also claimed that ‘reading through the author's description, it seems that he has created this game/threat as some sort of artistic project'. Gage confirmed this, stating: “Lose/Lose is an art project, and actually part of my MFA thesis. The game is a conceptual game about the collision of the virtual world with the real world, and how something in the entirely virtual world can have real life consequences. It's also about choice and war.”
In a statement, Symantec said: “Symantec has classified OSX.Loosemaque as a level one threat (very low). Our goal is to ensure computer users are protected against online risks.
“Regardless of the author's original intent for the program, its ability to delete files could pose a risk to computer users and even open up the possibility of someone with more malicious intentions to modify the program and pass it on to unsuspecting users.”
Commenting, Christopher Boyd, director of research at FaceTime security labs, claimed that the game has been around since at least September, and yet despite this he did not believe that he had seen a single complaint about the program, and that he rather liked the concept.
Boyd said: “The [Symantec] video is absolutely ludicrous. They note that the game clearly warns you of what it will do if you run it (delete files) and then proceeds to show us the game....deleting files, as if this is somehow something to be shocked by.”
Boyd referenced Symantec's claim that ‘there's nothing stopping someone with more malicious intentions from modifying it slightly and then passing it on to unsuspecting computers, causing significant damage to a computer'.
He said: “Two things. First, couldn't you say that in relation to just about any program? Seems like a bit of a weak reason for marking it out. Second, the game already causes ‘significant damage' if you run it in its current state, which is nice enough to give you a great big warning when you run it.
“I also have an issue with the write-up of the ‘threat' - at no point that I can see does it mention you have to download the game voluntarily, and that the game warns you in big red letters what it will do if you play it. I'm also faintly alarmed that this game is being called a ‘Trojan' when everything it does is disclosed both on the homepage and also in the program itself. Not so much a wooden horse as one made out of paper?”
Gage concluded by saying: “Lose/Lose is only dangerous if you avoid warnings and are into downloading and running random things on the internet because they look fun. It would be like inviting random people off the street into your home and letting them hang out. We shouldn't need companies to protect us against that kind of behaviour. We should know better.”