Update statement-on-godloader-malware-loader.md

godotengine · Nov 28, 2024 · ca1b7e7 · ca1b7e7
1 parent b523ce4
commit ca1b7e7
Showing 1 changed file with 1 addition and 2 deletions.
diff --git a/collections/_article/statement-on-godloader-malware-loader.md b/collections/_article/statement-on-godloader-malware-loader.md
@@ -24,11 +24,10 @@ This is similar to writing malicious software in Python or Ruby, the malicious a
 
 We would like to take this opportunity to remind users about some good security practices when it comes to downloading and executing software.
 
-- Only download and execute software from trusted sources:
+- Only download and execute software (including game mods) from trusted sources:
   * Official project website. Confirm it by checking the URL, and verify with a search engine that this seems to be the most frequently referenced website for this software.
   * Trusted distribution platform: Steam, Epic Games Store, Windows Store, Google Play, Apple Store, etc.
   * People you know, after confirming that they are who they claim to be if the communication is text-based (see below).
-  * Game mods, even if it do not include executable files.
 - On Windows and macOS, verify that the executable is signed (and notarized, on macOS) by a trusted party.
 - Be wary of executing cracked software, which is a prime attack vector for malicious actors.
 - Be wary of executing software even from people you know, if you can't confirm that their account hasn't been compromised. A very common attack vector targeting specifically game developers is for Discord accounts to get hacked, and then malicious actors use them to send malicious downloads to their friends in private messages ("hey will you try my game?"). Make sure to confirm the identity of your contacts before executing such software.