New Roblox trojan will land you with a nasty PC infection
Cheaters never prosper, especially in this case
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
With nearly 50m active users, it’s no surprise that cybercriminals continue to target the popular online gameRobloxwith all manner of scams and attacks.
According to new research fromCheckpoint, researchers fromAvanandiscovered a trojan file hidden inside the legitimate Synapse X scripting tool which is used to inject exploits or cheat codes into Roblox.
Share your thoughts on Cybersecurity and get a free copy of the Hacker’s Manual 2022. Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at theend of this surveyto get the bookazine, worth $10.99/£10.99.
Cybercriminals have begun leveraging Synapse X to install a self-executing program onWindows PCsthat installs library files into the Windows system folder. This has the potential to break applications, corrupt or remove data or even send information back to the cybercriminals responsible.
Avanan researchers first found the trojan file used in the latest round of Roblox attacks inside a customer’sOneDrive. While the customer could have uploaded it to theircloud storageby mistake, the cloud email and collaboration security company scanned the file and labeled it as malicious.
Putting family and even business PCs at risk
The specific version of Synapse X used in these attacks against Roblox users drops three files on a victim’s system with one of them being a backdoor trojan.
From here, the trojan installs library files (DLL) into the victim’s Windows system folder and this malicious code can be perpetually referenced by Windows and remain running.
In addition to being able to break applications and listen to files, these attacks are particularly concerning due to the fact that Roblox is mainly played by children. As a result, the trojan can easily be installed on a personal computer which may not even haveantivirus softwareinstalled. However, there’s also a corporate risk, since employeesworking from homemay let their children play Roblox on theirbusiness laptops.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Here’s why popular code libraries are flooded with Roblox, Fortnite spam right now>Hackers breach Roblox security to access user information>How to change your Roblox password or reset it
After finding this new trojan targeting Roblox users, Avanan reached out to the Roblox Corporation and the two have been communicated via email with plans to connect further via phone regarding the issue.
The Roblox Corporation also reached out toTechRadar Prowith the following statement regarding Avanan’s report:
“This report represents a misleading picture of this exploit, which is in Synapse X, not Roblox. Using third party services to circumvent specific systems is also against our Terms of Service. Roblox maintains many systems to keep our users safe and secure, and we prohibit attempts to bypass these systems or otherwise violate our platform requirements.”
In order to protect your devices from these kinds of attacks, Checkpoint recommends that users avoid downloading files from untrusted sites, usemalwarescanning when accessing cloud storage services like OneDrive andGoogle Driveand install an antivirus on all of their personal computers.
After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.
This new phishing strategy utilizes GitHub comments to distribute malware
Should your VPN always be on?
Huge Black Friday Samsung sale: save up to $1,900 on QLED, OLED TVs, and more
