This release does not contain a keylogger, but it sends the login/password/server to the creators IP.
Logging in with a wrong login/password:
---
Original CO2 client:
CO2 client with QOProxy:
According to the decompiled binary it is sending the decrypted login packet to 216.55.149.9.
The login/password/server combination is included in the login packet.
#closed & requesting ban.