GodLoader malware infects over 17000 devices through game development tools

A new cyber-attack technique using the Godot Engine has infected over 17,000 devices with malware via GodLoader. This method employs malicious GDScript code to bypass antivirus software, targeting users downloading cracked software since June 2024. The malware was distributed through 200 GitHub repositories, mimicking legitimate software to gain trust. It can affect Windows, Linux, and macOS systems, using tactics to avoid detection by security software. Experts warn that attackers could potentially infect legitimate Godot games in the future. The Godot security team emphasized that users should only download software from trusted sources to mitigate risks.