Sonic 2 HD Contains Keylogger, Delete Immediately [Update]
A group of fans recently released Sonic 2 HD, an alpha version of a very fancy home-made tribute to Sega's classic platformer. The game even, inadvertently, throws in a bonus: free keyloggers for everyone!
It's being reported that a "professional antivirus employee" has confirmed that copies of the game include "a keylogging program as part of the Sonic 2 HD alpha software".
Keyloggers are employed to monitor the keys pressed on a keyboard by a user, and can be used - depending on the type of keylogger used - to capture a user's passwords.
Here's the statement on the matter in full:
Earlier today, I was contacted by a professional antivirus employee who was interested in why Sonic 2 HD consistently popped up as a threat by multiple antivirus software programs and did some investigation. His results showed that a keylogger is part of the Sonic 2 HD software. After receiving this notification, we conducted our own independent tests and found that there is indeed a keylogging program as part of the Sonic 2 HD alpha software.
I want to emphasize that at this time, we have found no evidence that the software has been "phoning home" any data-only that we have found the capability exists.
Because this vulnerability has been found, we are strongly advising that the software be removed. You will need to delete the files included with the Sonic 2 HD zip, as well as the registry keys hooked at HKEY_CURRENT_USER/Software/NakaSMK (if you are unfamiliar on how to do this, go to Start->Run.., type regedit, follow the folder path, and then delete the NakaSMK folder.)
We will have more information on the situation as it evolves.
