For the first time, malware written in GDScript has been spotted in the wild. The attack vector is spam repos on GitHub with infected cracked game executables targeting Windows devices. The code uses a bunch of OS.execute statements to run malicious shell code. More interesting are the employed anti-emulation techniques. One of them uses Godot’s rendering capability detection to check for 3D video acceleration.
#GodotEngine #OpenSource #GameDev #Malware #InfoSec #Security #Godot4
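
A triage check for the two traits described above, as an added example that is not part of the original post: it flags GDScript source in which process-execution calls appear alongside GPU or renderer queries. It assumes the scripts have already been extracted from the game package as text; the list of GPU query calls is an assumption, since the post does not say which call the sample uses, and the sample script is constructed.

```python
import re

# Process-spawning calls on Godot 4's OS singleton.
EXEC_CALLS = re.compile(r"\bOS\.(execute|create_process|shell_open)\s*\(")
# Assumption: renderer/GPU queries a 3D-acceleration check could rely on.
GPU_QUERIES = re.compile(
    r"\b(RenderingServer\.get_video_adapter_(name|vendor|type)"
    r"|OS\.get_video_adapter_driver_info)\s*\("
)

def strip_comment(line):
    """Drop a trailing GDScript '#' comment, ignoring '#' inside quotes."""
    quote = None
    for i, ch in enumerate(line):
        if quote:
            if ch == quote and line[i - 1] != "\\":
                quote = None
        elif ch in "\"'":
            quote = ch
        elif ch == "#":
            return line[:i]
    return line

def triage(source):
    """Return line numbers of exec calls and GPU queries, plus a verdict."""
    result = {"exec": [], "gpu": []}
    for number, raw in enumerate(source.splitlines(), 1):
        code = strip_comment(raw)
        if EXEC_CALLS.search(code):
            result["exec"].append(number)
        if GPU_QUERIES.search(code):
            result["gpu"].append(number)
    # Execution plus GPU probing is the combination the post describes.
    if result["exec"] and result["gpu"]:
        result["verdict"] = "high"
    elif result["exec"]:
        result["verdict"] = "medium"
    else:
        result["verdict"] = "low"
    return result

# Constructed sample script (harmless), not taken from the malware.
SAMPLE = '''extends Node
# OS.execute("not", []) in a comment is ignored
func _ready():
    var gpu = RenderingServer.get_video_adapter_name()
    var out = []
    OS.execute("cmd.exe", ["/c", "echo constructed-sample"], out)
    print("# not a comment", gpu)
'''

if __name__ == "__main__":
    print(triage(SAMPLE))
```

A "high" verdict is a prompt for manual review, not proof of malice: legitimate games also launch helper processes and query the video adapter.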