Sonic 2 HD Contains Keylogger, Delete Immediately [UPDATE]

Sonic 2 HD Contains Keylogger, Delete Immediately [UPDATE]

A group of fans recently released Sonic 2 HD, an alpha version of a very fancy home-made tribute to Sega’s classic platformer. They even, inadvertently, threw in a bonus: free keyloggers for everyone!

Both the dev team and a “professional antivirus employee” have confirmed that copies of the game include “a keylogging program as part of the Sonic 2 HD alpha software”.

Keyloggers are employed to monitor the keys pressed on a keyboard by a user, and can be used – depending on the type of keylogger used – to capture a user’s passwords.

Here’s the dev team’s statement in full:

Earlier today, I was contacted by a professional antivirus employee who was interested in why Sonic 2 HD consistently popped up as a threat by multiple antivirus software programs and did some investigation. His results showed that a keylogger is part of the Sonic 2 HD software. After receiving this notification, we conducted our own independent tests and found that there is indeed a keylogging program as part of the Sonic 2 HD alpha software.

I want to emphasise that at this time, we have found no evidence that the software has been “phoning home” any data-only that we have found the capability exists.

Because this vulnerability has been found, we are strongly advising that the software be removed. You will need to delete the files included with the Sonic 2 HD zip, as well as the registry keys hooked at HKEY_CURRENT_USER/Software/NakaSMK (if you are unfamiliar on how to do this, go to Start->Run.., type regedit, follow the folder path, and then delete the NakaSMK folder.)

We will have more information on the situation as it evolves.

UPDATE: Seems there’s previously been quite a bit of drama behind the scenes on this project.

UPDATE 2: A team of developers involved with the project tells us the original Sonic Retro report was incorrect, saying what’s tripping people’s virus alerts is “Just a bug (or lazy code) from DirectInput that causes it to read input even when the window is out of focus”.

UPDATE 3: The original report, appearing on Sonic Retro, has been removed, the author stating “I f**ked up. This is totally my fault and I take full responsibility for that. The article has been redacted and there will be another one going up shortly that explains the situation.”

Public Service Announcement: Keylogger, Cleaning Up Sonic 2 HD [Sonic Retro]


      • Well, apparently Sonic Retro are no longer associated with the project and had nothing to do with the keylogger being put in the alpha release, so I was wondering if anyone has tried to contact the current project leader about it.

  • Sonic Retro is not the dev team for Sonic 2 HD. They are merely the site in which the dev team operates. You may want to fix this story up so you don’t blame the wrong people for such a thing.

  • sonic sucks anyway. now he suck even more. down with sonic and his poofy green eyes. and no i’m not trolling because you realy can’t troll a ficational character.

  • people knew that LOst was paranoid, hell they even tried to claim initially that the reading was a false positive due to LOst demanding the code be Obfuscated so people could reverse engineer it. But if he is responcibel for the addition of a keylogger. . . you can pretty much bet that Sonic 2 HD dead in the water right there. . .

    • If the other circumstances are correct I wouldn’t be surprised if LOst, one of the lead programmers if I correct put the keylogger into the code as a final safeguard against it being reverse engineered. If someone was able to circumvent the other security features and gain access to the code, inputting a keylogger would allow him to see exactly how it happen, which in turn would allow him to build further safeguards in later builds to protect the code.

      I might be wrong with this theory, but given how many people on Sonic Retro are responding to this revelation in regards to what they described as LOst’s paranoia, I wouldn’t be surprised.

      • indeed, and the fact that that is a likely reason means that sega in all honesty, SHOULD send a C&D due to the fact that putting extremely harsh DRM on something that is already barely in a legal grey area (as people in the article linked have mentioned in comments, sega still owns the copyright to the art, music and game engine, and reverse engineering, redrawing and remixing don’t remove those protections) is essentialy saying not only “we own the rights to everything in this”, but “the contents are extremely valvueable assets to us”. Hell, a more vindictive company might attempt legal action citing the DRM as the creators fraudulently representing themselves as the owner of the IP contained within the software.

        • Agreed. I wouldn’t be surprised if this incident doesn’t lead to the end of Sonic 2 HD, Which is a shame because it wasn’t just the programmers, but all the other people who worked hard on the project. The people who drew the art from stratch which was utilised in the game, the remixes of the music, a lot of people put a lot of effort into this project, and it’s all going to likely be destroyed due to one persons insatiable ego clouding the fact that the very code he was working with to design Sonic 2 HD was itself reverse engineered from the original Sonic 2.

          • I actually had not heard of Sonic 2 HD until I saw this article. After doing some research, it looks like a false positive to me… So I’ll be installing S2HD when I wasn’t even aware of it before. So.. There’s that haha.

    • Putting an obfuscator (especially if it was an off-the-shelf one) over the top of it and having a directx hook that grabs all keyboard input is definitely going to throw up a lot of red flags for Antivirus software.

Show more comments

Log in to comment on this story!