This might be paranoia, but here we go. I was just wondering if GoG has some kind of software to detect if a dev uploads malware or something with their game. Like I bought this game Against the Moon a long time ago and I was thinking about playing it, but there was a lot of weird stuff that got it banned from Steam and I'm assuming the game is fine, but is it possible that the developers can like update the game files with malware or would GoG be able to detect something like that to prevent it from happening.

Let's think this though carefully.

Do you think any legitimate business would be allowing this in the first place? And would any developer, not in the middle of a ragequit, understand fully the consequences of such a decision?

Anyways, it looks like a worse Wesnoth or Heroes of Might & Magic.

If you're that concerned, why not buy a trustworthy game like one of those two?

Let me guess : Avira , Norton , AVG , Avast user ?

I mean you're probably right. I think that PirateFi situation from earlier this year got me second guessing past purchases. LOL

Nah, I'm just spinning for no good reason.

found a reddit thread from the dev
https://old.reddit.com/r/gamedev/comments/13vpm6f/steam_bans_cry_for_help/

Steam allowed the game PirateFi to be put on their marketplace without checking it for malware. Multiple users were affected. So could GOG have the same issue with not checking for malware? Possibly.

It's not paranoia if it ticks some if not all of the right boxes.

If the game is a 'slop' of flipped assets, the dev seems shady, most of the reviews are made by bots and your gut is warning you off, then there's a high chance that 'game' is just a piece of malware.

Overambitious indies that fail midway through can be devs that took on too much or they can be projects meant to fail that had the specific goal of gathering as much data as possible from as many PCs as possible. And the only difference between them and corporations posing as game companies is that the corporations have people in place that can exploit loopholes in the law or manage the risks of such potential decisions.

Also, a company isn't the same as the people who work for it. At any time, an individual employee can intentionally or otherwise deploy a malicious, flawed update or even install a personal backdoor to exploit at will. And the 'don't care, make money' attitude means that companies won't do something about it unless it actually becomes a problem for their money-making.

And when you're in it for the money, everything else becomes a moot point.