Here’s Why the Game Triggered An Anti-Virus Alert
What became a disaster when DRM-like protections were found in the Sonic 2 HD alpha release several days back has now morphed into a complete nightmare. A keylogger setup has allegedly been discovered within the game’s code.
In a post to Sonic Retro minutes ago, webmaster Courtney Grimes is now urging those who downloaded the demo to completely remove it, and the registry keys associated with it:
Earlier today, I was contacted by a professional antivirus employee who was interested in why Sonic 2 HD consistently popped up as a threat by multiple antivirus software programs and did some investigation. His results showed that a keylogger is part of the Sonic 2 HD software. After receiving this notification, we conducted our own independent tests and found that there is indeed a keylogging program as part of the Sonic 2 HD alpha software.
I want to emphasize that at this time, we have found no evidence that the software has been “phoning home” any data—only that we have found the capability exists.
Because this vulnerability has been found, we are strongly advising that the software be removed. You will need to delete the files included with the Sonic 2 HD zip, as well as the registry keys hooked at HKEY_CURRENT_USER/Software/NakaSMK (if you are unfamiliar with how to do this, go to Start->Run.., type regedit, follow the folder path, and then delete the NakaSMK folder.)
That part in bold, for the moment, has been corroborated by at least one of Sonic Retro’s forumers. Oldbie Guess Who explains:
Regarding the keylogger: we’ve been tipped off by a commenter on the front page that S2HD creates registry hooks and monitors keyboard input in any window that has focus while the game is running. I personally really doubt the key monitoring behavior is designed to steal your information or anything (probably just sloppy input code), but be wary.
Still, the discovery could not come at a worse time for those behind the S2HD project, or for Retro itself, which once touted the game as one of its centerpiece community projects. Just last week, the fan game and the Sonic Retro community were plugged as part of Gamespot’s On the Spot video podcast–the same one that revealed the latest Sonic 4: Episode II trailer for the first time. That’s on top of plenty of other mainstream media exposure the project recently attracted.
When the DRM protections were uncovered in March, along with anti-virus alerts, various S2HD project staff gave assurances that those alerts were false positives.
While S2HD is now considered a closed project, action could still be taken against those behind it, in particular L0st, who has endured tremendous criticism ever since those DRM features were found in the game.
We will afford you more details as they become available.

@Sawnik98: Yeah, I haven’t dealt with keyloggers in a long time. The speed reduction sounds familiar (I recall my RA having massive speed issues when her laptop got a logger), but the file deletion sounds like it would more likely be something else. I’d say run an anti-virus and an anti-malware and get rid of the S2HD files for good measure. Just in case.
I can’t recall if I downloaded this on my desktop, now. And I’m stuck in lab, with over another hour left.
@SEGAMew: Oh, you.
Well, this explains why I got hacked the day after I downloaded this. My passwords were changed to my Facebook, Minecraft, Netflix, Tumblr, Twitter, etc.
This is why we can’t have nice things…
Particularly annoying about this is that they just released the codes for Debug mode and to play the incomplete Hilltop Zone on their Facebook: http://www.facebook.com/sonic2hd
Nothing has yet been said on there about the keylogger discovery.
Sawnik98 and iK3Vin: Can you provide some more details on what you experienced after DLing Sonic 2 HD in a news tip to us?
-T
I never downloaded this, and I’m glad I didn’t now that this has happened. Geez, this isn’t looking good for the project at all…
@Tristan: I just submitted a News Tip with what you asked for.
@Tristan I’m running some computer fixes and tests at the moment. Will give you the results ASAP.
So this is only for windows that are focused on while S2HD is active? I may have some issues if that’s not the case, but I didn’t have anything else open during the two times I played through it.
This is one of the reasons why I don’t play fan-made games.