Gaming Engines: An Undetected Playground for Malware Loaders

SUMMARY :

Check Point Research uncovered a new technique exploiting the Godot Engine to execute malicious GDScript code, remaining undetected by most antivirus tools. The technique has been used since June 2024, potentially infecting over 17,000 machines. A loader called GodLoader employs this method and is distributed via the Stargazers Ghost Network on GitHub. The technique allows cross-platform targeting of Windows, macOS, Linux, Android, and iOS devices. Researchers demonstrated successful payload drops on Linux and MacOS. This approach could potentially target over 1.2 million users of Godot-developed games through malicious mods or downloadable content.

OPENCTI LABELS :

redline,xmrig,gaming,malware loader,cross-platform,godot engine,gdscript,undetected technique,stargazers ghost network,godloader


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


Gaming Engines: An Undetected Playground for Malware Loaders