Cybercriminals Leverage Popular Game Engine Godot to Spread Cross-Platform Malware

28.11.2024

 

A new malware campaign known as GodLoader has been exploiting the popular open-source Godot Engine to infect over 17,000 systems since June 2024. Cybercriminals are leveraging Godot’s scripting capabilities to execute malicious GDScript code, delivering malware undetected by most antivirus engines on VirusTotal, according to a report by Check Point. The Godot Engine, designed for cross-platform game development, is being misused to target systems running Windows, macOS, Linux, and even Android, greatly expanding the attack surface.

The campaign stands out for its use of the Stargazers Ghost Network, comprising about 200 GitHub repositories and over 225 fake accounts, as a distribution method. These repositories, released in four waves, are made to appear legitimate, primarily targeting developers, gamers, and general users. The attackers use malicious Godot Engine executables (.PCK files) to deliver malware loaders, which then deploy final-stage payloads like RedLine Stealer and the XMRig cryptocurrency miner from a Bitbucket repository.

The malware includes advanced features to evade detection, such as bypassing sandboxed environments and adding the entire C:\ drive to the Microsoft Defender Antivirus exclusions list. While the current attacks focus on custom Godot Engine executables, experts warn that attackers could take this further by compromising legitimate Godot-built games, emphasizing the need for developers to adopt stronger encryption measures, like asymmetric-key algorithms.
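A detection sketch for the Defender exclusion behaviour described above, added here as an example and not taken from the Check Point report or this article: it scans Microsoft Defender Operational log event 5007 (configuration changed) messages for a newly added path exclusion that covers a whole drive root. The event messages are constructed samples, and the function names are hypothetical.

```python
import re

# Registry location where Defender stores path exclusions. Event 5007
# ("configuration has changed") reports an added exclusion on a "New value:" line.
EXCL_PREFIX = r"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths" + "\\"
NEW_VALUE = re.compile(r"New value:\s*(?P<value>.+?)\s*=\s*0x[0-9a-fA-F]+\s*$",
                       re.I | re.M)
DRIVE_ROOT = re.compile(r"^[A-Za-z]:\\?$")

def added_exclusions(message):
    """Return the exclusion paths added according to one event 5007 message."""
    paths = []
    for match in NEW_VALUE.finditer(message):
        value = match.group("value")
        if value.lower().startswith(EXCL_PREFIX.lower()):
            paths.append(value[len(EXCL_PREFIX):])
    return paths

def is_drive_root(path):
    """True for 'C:' or 'C:\\', i.e. an exclusion covering an entire drive."""
    return bool(DRIVE_ROOT.match(path.strip()))

def flag_events(events):
    """events: iterable of (event_id, message). Return drive-root exclusions added."""
    hits = []
    for event_id, message in events:
        if event_id != 5007:          # only configuration-change events matter here
            continue
        hits.extend(p for p in added_exclusions(message) if is_drive_root(p))
    return hits

# Constructed sample events (not real telemetry).
HEADER = "Microsoft Defender Antivirus Configuration has changed.\nOld value: \n"
SAMPLE_EVENTS = [
    (5007, HEADER +
     r"New value: HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\C:\ = 0x0"),
    (5007, HEADER +
     r"New value: HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\D:\build\cache = 0x0"),
    (1116, "The antimalware platform detected malware or other unwanted software."),
]

if __name__ == "__main__":
    for path in flag_events(SAMPLE_EVENTS):
        print("ALERT: Defender exclusion covers an entire drive:", path)
```

A narrow folder exclusion such as the second sample is not flagged; only the drive-root entry is, which is the case the article describes.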

This malicious campaign highlights the persistent misuse of legitimate platforms by cybercriminals to evade security defenses. The multi-platform nature of the Godot Engine allows attackers to craft versatile malware capable of targeting multiple operating systems, increasing their reach and impact. These developments underline the importance of downloading software only from trusted sources to reduce the risk of infection.
