Idk about malware but i remember in his other game, IWH, I had an issue a while back after having played one of these "public" versions. I was prevented from playing any cracked version after that. The game simply acted as if the cracked version was still "public" and locked me out of any content pertaining to the Patreon version. I had to delete a bunch of specific files in my documents connected to the game in order to fix it.
Also, since the valid paid version of the game needs internet to work, you are being retroactively revoked access after you stop subscribing. This happened to me back when I was a paid sub, the game I had downloaded legally from the patreon would suddenly ask me for password again after a while, but since I wasn't subbed, I had no updated password and I could not access the content of the version I had already paid for. That's where I decided to never spend another penny on this scummy dev. I would honestly rather pay the cracker.
Could be worse, i talked to a patreon whos game would crash when he tried to access content, then when i said i could fix it for him, he refused because he didn't wanna leak it, guy literally had to wait for the crack to play a game he paid for.
I'd feel weird about being paid as a cracker, but i can shine some light on from memory/guesses (may not be 100% accurate).
the password you used was saved, as was a random ID for the save file, the version activated, etc
id assume the public version overwrite part of the save file in the appdata folder and broke the activation in the save file.
and the password used had been revoked after being leaked.
from my memory old versions activation code stayed online so if not revoked it should of been fine.
but it would would connect online and check what passwords got revoked, but pirates would just... not connect to the internet
so DRM checks were added to make sure it was online every so often
its kinda crackers fault you had that issue as we caused the DRM to be made, and fallens fault for having DRM that effected paid users, but i cant fault someone for defending their income
in terms of
MALWARE
because cracks obviously are added files, he did have a few updates that would delete files off user's PC's
ik at one point it checked a online list from fallen of filesnames of cracks posted
then i think it hit a point it just deleted whatever wasnt a official file (if the files are in a RPA, then all RPY files are added by a user)
and alot of people thought that was questionable/illegal/malware
