Hackers Exploit Game Engine To Spread Cross-Platform Malware - 1

Image by Yan Krukau, from Pexels

Hackers Exploit Game Engine To Spread Cross-Platform Malware

  • Written by Kiara Fabbri Former Tech News Writer
  • Fact-Checked by Sarah Frazier Former Content Manager

Hackers exploit the Godot Engine to spread undetected malware, targeting devices across platforms via GitHub’s Stargazers Ghost Network.

In a Rush? Here are the Quick Facts!

  • Stargazers Ghost Network distributes GodLoader via 200 GitHub repositories.
  • The malware targets multiple platforms, including Windows, macOS, Linux, and Android.
  • Over 1.2 million users of Godot-developed games are potential targets of this attack.

Cybersecurity researchers at Check Point have discovered a new technique that exploits the Godot Engine, an open-source tool used for creating video games, to deliver malware.

This method uses Godot’s scripting language, GDScript, to execute harmful commands, allowing attackers to infect devices while remaining undetected by most antivirus software.

Godot is a popular game development platform known for its flexibility and ability to support various operating systems, including Windows, macOS, Linux, Android, and iOS.

Its open-source nature has made it a favorite among developers. Unfortunately, its flexibility has also made it a target for cybercriminals.

The newly identified malware, called “GodLoader,” takes advantage of the Godot Engine’s features to install malicious software on victims’ devices. The malware is distributed through a network operating on GitHub, known as the Stargazers Ghost Network.

This network disguises malicious files as legitimate software and shares them via repositories that appear trustworthy. Between September and October 2024, around 200 GitHub repositories were used to distribute GodLoader, tricking users into downloading infected files.

This technique is particularly concerning because it targets multiple platforms. The Godot Engine’s cross-platform design enables attackers to spread malware across various devices, including Windows PCs, Mac computers, and Linux systems.

Android devices are also at risk, with slight adjustments to the malware’s structure. While iOS devices are less vulnerable due to strict security protocols, the threat still looms large for a broad range of users.

The scale of this attack is significant. Over 1.2 million players could be targeted if cybercriminals successfully compromise games developed with the Godot Engine.

Attackers could exploit downloadable game content, such as mods, to deliver malicious payloads. Once the files are executed, they could steal sensitive information, install additional malware, or even disrupt systems.

Despite the severity of the threat, most antivirus programs fail to detect this type of malware. By embedding harmful scripts within legitimate-looking files, attackers bypass standard security measures, spreading malware undetected.

Gamers and developers are advised to exercise caution, avoid downloading files from unofficial sources, and ensure that their antivirus software is up to date. This discovery highlights the growing sophistication of cyberattacks and the importance of vigilance in an increasingly interconnected digital environment.

Orange Partners With OpenAI To Access Pre-Release AI Models - 2

Photo by Levart_Photographer on Unsplash

Orange Partners With OpenAI To Access Pre-Release AI Models

  • Written by Andrea Miliani Former Tech News Expert

The French telecommunications giant Orange partnered with OpenAI to access pre-release AI models, becoming the first telecom company to reach this type of deal in Europe.

In a Rush? Here are the Quick Facts!

  • Orange becomes the first European telecom to get direct access to OpenAI’s models
  • The French giant signed a multi-year partnership to grow and expand AI services
  • Orange signed another deal with Meta and OpenAI to develop AI models to translate African languages.

According to Reuters , Steve Jarrett, Chief AI Officer at Orange Group confirmed yesterday a multi-year deal between both companies during an interview with the news agency.

“OpenAI’s models are the most popular. And so it made financial sense for us to have a direct billing relationship”, said Jarrett to Reuters. “We have the ability to have access to pre-release versions of their models. We have the ability to influence the road map… Those models are all served from secure infrastructure that’s hosted in Europe.”

With this new deal, Orange takes the lead and becomes Europe’s first telecom firm to get direct access to OpenAI’s latest models.

Orange also signed another agreement with Meta and OpenAI to develop AI models to translate African languages.

According to CNBC , the French company wants to develop custom AI models that can process and understand Western African languages like Wolof and Pulaar—spoken by 16 million people—and also consider the local context and culture as these companies’ AI models are more powerful in English and trained primarily with American information.

Orange takes the lead in Europe in adopting OpenAI technologies in the telecom market and expanding its potential, not only to commercial clients but also to universities, startups, and governments.

OpenAI has recently announced multiple partnerships with other large European companies like BBVA —with presence in Europe, Latin America, and the U.S.—, and recently reached a $157 billion valuation.