Fans around the world downloaded the game, but soon started wondering why their virus scanners were going crazy. Assuming the game had somehow triggered a false positive, a “professional antivirus employee” did a little digging into the game’s source code – he was shocked by what he found.
Tucked away inside the retro remake was a snippet of malicious code – a keylogger, which is used to steal a user’s passwords and personal detail from afar. The software monitors each keypress on an infected computer, and has the ability to “phone home” with the recorded data.
Fansite Sonic Retro explains that – at this stage at least – there is no proof that the Sonic 2 HD keylogger has phoned home, but the software definitely has the ability to seriously compromise your computer security.
Because this vulnerability has been found, we are strongly advising that the software be removed. You will need to delete the files included with the Sonic 2 HD zip, as well as the registry keys hooked at HKEY_CURRENT_USER/Software/NakaSMK (if you are unfamiliar on how to do this, go to Start->Run.., type regedit, follow the folder path, and then delete the NakaSMK folder.)
Player Attack is not hosting the infected files – but we will be keeping an eye on the game’s progress. When (if?) an updated version is released, without the pesky malware, we’ll let you know.