Sonic 2 HDIf you're a devotee of Sega's classic platformer Sonic the Hedgehog, you might be tempted to try Sonic 2 HD, a lavish fan-made tribute that's recently been released in alpha form as a free download.
Be forewarned, though: here be keyloggers.
As reported in Kotaku, an admin at the site Sonic Retro posted a warning that "there is indeed a keylogging program as part of the Sonic 2 HD alpha software." The Sonic 2 HD executable was triggering antivirus programs' alarms, prompting "a professional antivirus employee" to investigate and uncover the malicious code.
A keylogger is a program which records the user's keystrokes as a way for hackers to capture user data, information which can later be applied to identity theft. According to Sonic Retro, however, there's no evidence that the keylogger is currently "phoning" any data. Even so, the safest course of action is to remove the Sonic 2 HD software in its entirety.
As of this moment, the Sonic 2 HD site only offers the following message: "You may experience a warning message from your antivirus software indicating a Trojan is present in our zip file. You can be rest assured if you are downloading it from any of the links above that the file is safe."
Update: Sonic Retro reports the keylogger seems to have been a false alarm after all, so Sonic fans can breathe a sigh of relief. Here's the full message:
The Sonic 2 HD team announced today amidst the flurry and confusion of an alleged "keylogger" being detected in the program that it has decided to move on without their head programmer, LOst.
The decision comes on top of several allegations from team members that LOst held the project hostage through the inclusion of DRM, public feedback of a bloated engine running an otherwise simplistic game, and other behind the scenes issues. The final straw was the massive negative reception after reports of a keylogger were detected by various antivirus software.
After some careful examination by forum member Guess_Who, the "keylogger" was confirmed to be benign and a false positive, revealing that it was a result of shoddy DirectInput programming. This is how the program was able to register key presses even when the window was not selected and running in the background. In other words, it's like how CW Cheat can trigger antiviruses as a trojan horse, despite having no malicious software behind it.