Why did he do it? To get the login name/password combos of pirates that they use on pirate sites, probably to do some damage on said sites or to gather evidence about pirates who steal his game by offering product keys.
Redditors discussing this linked several other events when devs used tools like rootkits that are typically associated with hackers. I don’t get into the legality of this, since it largely depends on what do you click “yes” without reading.
I’ve always claimed that pirates and cheaters should be prosecuted by the state as criminals instead of being sued by the devs. But this time I don’t argue ideologically. I’m just saying that if the government doesn’t protect developers from pirates/cheaters, they will do it themselves in a “let’s ride boys and hang them bad guys” style and they will surely shoot innocents in the process. Good candidates for innocent victims are modders, machimia-makers (who want to make a video using game engine) and people who got viruses, even if technically they modify game files or access game processes.
There is a further problem. If it becomes – and already became – customary that games demand you to click “OK” on a blanket spying program, game developers themselves become target of spies and (non-game related) cybercriminals. For example Blizzard uses the Warden which is practically a rootkit and access various files and memory in your computer, reporting its findings to Blizzard. Now imagine that a criminal gang infiltrates Blizzard and injects a code into Warden that looks for your credit card info. Then they grab the credit card info sent back to Blizzard before anyone there notices what’s going on and steal the money of all the players. Or consider the possibility that a foreign spy uses a game’s installer or patcher to inject a backdoor program if you are playing the game from certain IPs, hoping that a bored soldier or government worker uses the game on a secured location. This isn’t a wild possibility, a fitness app was used to track down a bunch (not particularly bright) members of special forces in secret bases in the Middle East.
A video games have no place accessing root of a computer, or anything outside its own memory. Video games are complicated software, usually full of bugs that are best run isolated, with as little rights as possible. However if you’d enforce this, all game companies would go bankrupt due to rampart cheating and piracy as the only defense developers have is practically hacking your computer, getting full control over it to look for pirate/cheater software. But they would no longer need this if the police would protect them. I don’t have belt fed machine guns in my home to protect myself from invading horde because my country has an army for that. If devs could simply report cheaters to cops knowing that the guy will soon stop logging in due to being in jail, they wouldn’t be busy installing spy programs on anyone’s computers.