Godot

6005 readers

40 users here now

Welcome to the programming.dev Godot community!

This is a place where you can discuss about anything relating to the Godot game engine. Feel free to ask questions, post tutorials, show off your godot game, etc.

Make sure to follow the Godot CoC while chatting

We have a matrix room that can be used for chatting with other members of the community here

Other Communities

Rules

Posts need to be in english
Posts with explicit content must be tagged with nsfw
We do not condone harassment inside the community as well as trolling or equivalent behaviour
Do not post illegal materials or post things encouraging actions such as pirating games

We have a four strike system in this community where you get warned the first time you break a rule, then given a week ban, then given a year ban, then a permanent ban. Certain actions may bypass this and go straight to permanent ban if severe enough and done with malicious intent

Wormhole

!roguelikedev@programming.dev

Credits

The icon is a modified version of the official godot engine logo (changing the colors to a gradient and black background)
The banner is from Godot Design

founded 2 years ago

MODERATORS

snowe@programming.dev

Ategon@programming.dev

Feyter@programming.dev

Hackers abuse popular Godot game engine to infect thousands of PCs (www.bleepingcomputer.com)

submitted 3 weeks ago by recursive_recursion@lemmy.ca to c/godot@programming.dev

16 comments fedilink hide all child comments

cross-posted from: https://lemmy.zip/post/27055106

Hackers have used new GodLoader malware exploiting the capabilities of the widely used Godot game engine to evade detection and infect over 17,000 systems in just three months.

you are viewing a single comment's thread
view the rest of the comments

[–] unexposedhazard@discuss.tchncs.de 43 points 3 weeks ago* (last edited 3 weeks ago) (1 children)

I think its malicious to even mention Godot in a headline with this weak context. It will confuse and scare people into thinking godot is unsafe. Some stupid people downloading and executing code from a malicious source is not noteworthy enough to justify a headline like this. It almost sounds like godot has a RCE from how clickbaity this headline is written.

[–] Kelly@lemmy.world 21 points 3 weeks ago* (last edited 3 weeks ago) (1 children)

This is probably the larger story from the OP link:

The Stargazers Ghost Network uses over 3,000 GitHub "ghost" accounts to create networks of hundreds of repositories that can be used to deliver malware (mainly information stealers like RedLine, Lumma Stealer, Rhadamanthys, RisePro, and Atlantida Stealer) and star, fork, and subscribe to these malicious repos to push them to GitHub's trending section and increase their apparent legitimacy.

Edit: a bit more info:

The malicious GodLoader is distributed by the Stargazers Ghost Network, a GitHub network that distributes malware as a service. Throughout September and October, approximately 200 repositories and over 225 Stargazers were used to legitimize the repositories distributing the malware.

https://research.checkpoint.com/2024/gaming-engines-an-undetected-playground-for-malware-loaders/

My take is that Godot has never claimed to be sandboxed, as long as OS.execute() is enabled by default then running arbitrary code in the user context is trivial. The solution of course is to only run code that you trust.

[–] unexposedhazard@discuss.tchncs.de 2 points 3 weeks ago

Yeah that is more headline worthy indeed.

Godot

Links

Other Communities

Rules

Wormhole

Credits