57
Hackers abuse popular Godot game engine to infect thousands of PCs
(www.bleepingcomputer.com)
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 28 Nov 2024
57 points (80.6% liked)
Godot
6014 readers
96 users here now
Welcome to the programming.dev Godot community!
This is a place where you can discuss about anything relating to the Godot game engine. Feel free to ask questions, post tutorials, show off your godot game, etc.
Make sure to follow the Godot CoC while chatting
We have a matrix room that can be used for chatting with other members of the community here
Links
Other Communities
- !inat@programming.dev
- !play_my_game@programming.dev
- !destroy_my_game@programming.dev
- !voxel_dev@programming.dev
- !roguelikedev@programming.dev
- !game_design@programming.dev
- !gamedev@programming.dev
Rules
- Posts need to be in english
- Posts with explicit content must be tagged with nsfw
- We do not condone harassment inside the community as well as trolling or equivalent behaviour
- Do not post illegal materials or post things encouraging actions such as pirating games
We have a four strike system in this community where you get warned the first time you break a rule, then given a week ban, then given a year ban, then a permanent ban. Certain actions may bypass this and go straight to permanent ban if severe enough and done with malicious intent
Wormhole
Credits
- The icon is a modified version of the official godot engine logo (changing the colors to a gradient and black background)
- The banner is from Godot Design
founded 2 years ago
MODERATORS
But this is bad news for game jams. Participants are not really trustworthy and those who do not build for HTML5 should not be evaluated.
A web version is often a requirement (in my limitted jam experience).
This has always been true. If you are downloading an exe off the internet, it can be malicious. I am amazed by the streamers and Youtubers that seem willing to run anything. When I gamejam, I only write games that work in the browser and I only test/rate games that do the same. Unless you have a quarantine machine purpose built for running unknown code, it is really the only option.
I mean... Every game you download and run can do almost anything on your computer, no matter what it's written in. It's just code.
My first C2 agent I made for our malware to use in Red Teamings was a Unity Engine headless server.
Last time I checked you can spawn processes from any game engine, making this a moot point.
Thats true for anything that runs as a native app, but html builds will be sandboxed by the browser.
True, but the comment I was responding about not trusting non-web builds. This could imply that it's only for non-web build Godot games while you could easily do this with any engine.