Ancestors

Written by Godot UserGroup Berlin :godot: on 2024-11-30 at 23:12

For the first time a malware written in GDScript has been spotted in the wild. The attack vector are spam-repos on Github with infected cracked game executables targeting Windows devices. The code uses a bunch of OS.execute statements to run malicious shell code. More interesting are the employed anti-emulation techniques. One of them uses Godot’s rendering capability detection to check for 3D Video Acceleration.


[#]GodotEngine #OpenSource #GameDev #Malware #InfoSec #Security #Godot4

=> More informations about this toot | More toots from GodotUserGroupBerlin@mastodon.gamedev.place

Written by Godot UserGroup Berlin :godot: on 2024-11-30 at 23:13

Key takeaways of the report:

• Do not download and run executables from untrustworthy sources

• Do not run executables with admin privileges except you know what you are doing

• As a Game Creator: Encrypt your .pck file/section with asymmetric keys to prevent malicious actors from easily infecting your game code.


[#]GodotEngine #OpenSource #GameDev #Malware #InfoSec #Security #Godot4

=> More informations about this toot | More toots from GodotUserGroupBerlin@mastodon.gamedev.place

Toot

Written by Godot UserGroup Berlin :godot: on 2024-11-30 at 23:13

This is not a vulnerability in Godot but a nefarious actor crafting malicious GDScript code.



Read the full report here: https://research.checkpoint.com/2024/gaming-engines-an-undetected-playground-for-malware-loaders/



Also see the statement of the Godot Security Team on this topic: https://godotengine.org/article/statement-on-godloader-malware-loader/


[#]GodotEngine #OpenSource #GameDev #Malware #InfoSec #Security #Godot4

=> More informations about this toot | More toots from GodotUserGroupBerlin@mastodon.gamedev.place

Descendants