cross-posted from: https://lemmy.zip/post/27055106
Hackers have used new GodLoader malware exploiting the capabilities of the widely used Godot game engine to evade detection and infect over 17,000 systems in just three months.
cross-posted from: https://lemmy.zip/post/27055106
Hackers have used new GodLoader malware exploiting the capabilities of the widely used Godot game engine to evade detection and infect over 17,000 systems in just three months.
But this is bad news for game jams. Participants are not really trustworthy and those who do not build for HTML5 should not be evaluated.
I mean… Every game you download and run can do almost anything on your computer, no matter what it’s written in. It’s just code.
My first C2 agent I made for our malware to use in Red Teamings was a Unity Engine headless server.
A web version is often a requirement (in my limitted jam experience).
Last time I checked you can spawn processes from any game engine, making this a moot point.
Thats true for anything that runs as a native app, but html builds will be sandboxed by the browser.
True, but the comment I was responding about not trusting non-web builds. This could imply that it’s only for non-web build Godot games while you could easily do this with any engine.
This has always been true. If you are downloading an exe off the internet, it can be malicious. I am amazed by the streamers and Youtubers that seem willing to run anything. When I gamejam, I only write games that work in the browser and I only test/rate games that do the same. Unless you have a quarantine machine purpose built for running unknown code, it is really the only option.