hit counter

Security backdoor found in Roblox Google Chrome extensions

player in Roblox be exposed to a security breach as the Google Chrome extensions allow their passwords and personal information to be stolen. The extensions in question, both called SearchBlox, already have more than 200,000,000 total downloads. This could open a way for cyber attackers to steal Roblox credentials as well as properties within the Roblox Trading site, Rolimons.

Who is behind this?

It is still unknown if the SearchBlox already had the backdoors built in by the developers or if it was placed entirely by someone else. Although the Roblox The community took a look and noticed that one user’s inventory, “Unstoppablelucent,” grew exponentially overnight. This raised some eyebrows as he thought he might be responsible for the hack.

Another was a Rolimon user using “ccfont”. The user’s account was terminated which was the result of “suspicious inventory dealings”. That Roblox Community has already been advised to uninstall the extension as soon as possible. It would be good to also clear browser cookies and change their credentials on both Roblox and Rolimon.

According to TechRadar, the extensions have already been turned off. It would also be automatically removed from the systems in which they were installed. Roblox is not new to evildoers. Even in certain Roblox games, there are multiple trading scams like “Choose Me“, which also happens without knowledge of codes. They only bring promises of compensation for the trades received, but leave the server instead.

Also read: According to researchers, over 50 million passwords were stolen by Russian cybercrime groups in 2022

Hackers infiltrate a breeze

Some hackers have turned to it Roblox to inject malicious files beforehand. Back in March, Avanan, an email security service, found a Trojan horse file residing in a legitimate script engine, Synapse X. You saw the self-executing file on a customer’s OneDrive, which may have been accidentally uploaded. It appears as a library file (DLL) in the Windows system folder.

According to reports, the malicious file is capable of corrupting applications and eavesdropping on files. The company has reported Robloxto which they received an answer. Roblox said that using third-party services to get through certain systems violates their terms of service. They added that Roblox maintains many systems to ensure user safety.

From a strategic point of view, it is a smart move towards the goal Roblox User. It is mainly played by children who are unaware of potentially malicious files most of the time. They might download the malware unknowingly and expose their PC to cyber attacks that steal personal information. The game also has a currency called “Robux” that can be purchased with debit or credit cards, and this information could also be stolen.

2021, Roblox has gained over 32 million active users in 180 countries. About half of American kids play it. Between the ages of 9 and 12, around 75% use the platform. That’s a lot of kids who could potentially download malware planted by hackers.

Related: Can you guess what game hackers like to use to hide malware?

Leave a Comment