cross-posted from: https://lemmy.zip/post/27055106

​Hackers have used new GodLoader malware exploiting the capabilities of the widely used Godot game engine to evade detection and infect over 17,000 systems in just three months.

  • UnexpectedBehavior@lemmy.world
    link
    fedilink
    arrow-up
    9
    ·
    29 days ago

    But this is bad news for game jams. Participants are not really trustworthy and those who do not build for HTML5 should not be evaluated.

    • GreyBeard@lemmy.one
      link
      fedilink
      arrow-up
      4
      ·
      29 days ago

      This has always been true. If you are downloading an exe off the internet, it can be malicious. I am amazed by the streamers and Youtubers that seem willing to run anything. When I gamejam, I only write games that work in the browser and I only test/rate games that do the same. Unless you have a quarantine machine purpose built for running unknown code, it is really the only option.

    • Mikina@programming.dev
      link
      fedilink
      arrow-up
      3
      ·
      27 days ago

      I mean… Every game you download and run can do almost anything on your computer, no matter what it’s written in. It’s just code.

      My first C2 agent I made for our malware to use in Red Teamings was a Unity Engine headless server.

      • Kelly@lemmy.world
        link
        fedilink
        English
        arrow-up
        4
        ·
        28 days ago

        Thats true for anything that runs as a native app, but html builds will be sandboxed by the browser.

        • SpaceMan9000@lemmy.world
          link
          fedilink
          arrow-up
          2
          ·
          28 days ago

          True, but the comment I was responding about not trusting non-web builds. This could imply that it’s only for non-web build Godot games while you could easily do this with any engine.