Cybercriminals Target Godot Engine in Malware Campaign

Cybercriminals exploit Godot Engine in widespread malware campaign. A new malware campaign utilizing the Godot Engine has infected over 17,000 systems since June 2024, according to Check Point. The attackers leverage crafted GDScript code to execute malicious commands, evading detection by most antivirus software. The campaign employs a network of around 200 GitHub repositories and over 225 fake accounts to distribute the GodLoader malware, which targets Windows but can easily adapt to macOS and Linux. This incident highlights the risks associated with open-source platforms and the need for enhanced cybersecurity measures, as the malware’s cross-platform capabilities allow for widespread infection across various devices. Users are urged to download software only from trusted sources to mitigate these threats.