The December update of the fan game Sonic Gather Battle has been found to contain malicious code and is now considered malware. As noted by GerbilSoft on our forums and found by several Discord and Reddit users, Gather Battle will do the following to your system:
- If you attempt to search for “Hack” or similar keywords while the game is running, it will attempt to kill the browser.
- If it thinks you’re trying to tamper with the game, it will remotely blacklist your system, and the only way to unblacklist it is to convince the developer that you’re not trying to steal his precious sprites.
- It exhibits a lot of other malware-like behavior, including storing a hash of your system information on a remote server, and creating a DLL file, loading it, and deleting it.
In addition, the developers of the game are able to remotely enable and disable the game with said DLL file. At this point in time, said server has been shut down and no one is able to play the game. If you downloaded the December update of Gather Battle, the current recommendation is to delete the game immediately and run a scan on your system. You may also want to consider restoring your system if possible.
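The create, load, delete sequence for a DLL described above is something defenders can look for in endpoint telemetry. The following is an added example, not code from this article or from the game: it correlates Sysmon-style events (ID 11 file create, ID 7 image load, IDs 23/26 file delete) per process and path. The event tuples, paths and the 60-second window are constructed assumptions.

```python
"""Flag a process that creates a DLL, loads it and deletes it shortly after."""

# Sysmon event IDs: 11 = FileCreate, 7 = ImageLoad, 23/26 = FileDelete
CREATE, LOAD, DELETE = {11}, {7}, {23, 26}

# Constructed sample events, already normalised to
# (time in seconds, event id, process image, DLL/target path).
SAMPLE_EVENTS = [
    # Suspicious: same process drops, loads and removes the DLL in ~2 s
    (10.0, 11, r"C:\Games\example_game.exe", r"C:\Users\u\AppData\Local\Temp\helper.dll"),
    (10.4, 7, r"C:\Games\example_game.exe", r"C:\Users\u\AppData\Local\Temp\helper.dll"),
    (12.1, 23, r"C:\Games\example_game.exe", r"C:\Users\u\AppData\Local\Temp\helper.dll"),
    # Benign: installer writes a DLL that a different process loads; never deleted
    (20.0, 11, r"C:\Temp\setup.exe", r"C:\Program Files\App\lib.dll"),
    (21.0, 7, r"C:\Program Files\App\app.exe", r"C:\Program Files\App\lib.dll"),
    # Benign: updater writes and removes a DLL without ever loading it
    (30.0, 11, r"C:\App\updater.exe", r"C:\Users\u\AppData\Local\Temp\old.dll"),
    (31.0, 23, r"C:\App\updater.exe", r"C:\Users\u\AppData\Local\Temp\old.dll"),
]


def find_drop_load_delete(events, window=60.0):
    """Return (process, dll, created, deleted) tuples where one process
    created, loaded and deleted the same DLL within `window` seconds."""
    state = {}  # (process, path) -> [create_time, loaded_flag]
    hits = []
    for ts, eid, proc, path in sorted(events):
        if not path.lower().endswith(".dll"):
            continue
        key = (proc.lower(), path.lower())  # Windows paths are case-insensitive
        if eid in CREATE:
            state[key] = [ts, False]
        elif eid in LOAD and key in state:
            state[key][1] = True
        elif eid in DELETE and key in state:
            created, loaded = state.pop(key)
            if loaded and ts - created <= window:
                hits.append((proc, path, created, ts))
    return hits


if __name__ == "__main__":
    for proc, dll, created, deleted in find_drop_load_delete(SAMPLE_EVENTS):
        print(f"{proc} dropped, loaded and deleted {dll} in {deleted - created:.1f}s")
```

Image-load logging (event ID 7) is not enabled in Sysmon by default, so this correlation only works where the configuration collects it.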