The Roblox Chrome extension that has been downloaded by more than 200,000 users has a backdoor


PSA: If you have the popular SearchBlox extension installed on Google Chrome, you should immediately uninstall it, clear your cookies and change your passwords for Roblox and Rolimons. The extension contains a backdoor designed to steal user credentials. Other websites that you may have logged into using the extension installed may also be at risk.

As one of the most popular games with kids, Roblox is an obvious target for malicious actors. A popular Chrome extension related to the game attempted to steal users’ login details and tradable assets.

sleeping computer have found Both instances of the “SearchBlox” extension in the Chrome Web Store contain malware. Token stole account credentials and items from the Roblox Rolimons trading platform. Currently, the antivirus does not flag the extension or related URLs, which makes it difficult to detect.

SearchBlox advertises itself as a tool that allows users to search for specific Roblox players. Someone added the code after hundreds of thousands of users downloaded it. However, it is unclear whether the backdoor came from the original developer or someone else who hacked the extension.

Some Roblox players suspect a user named “Unstoppablelucent”, who may or may not have developed SearchBlox. Screenshots show Roblox’s stock value exploding in less than a day, along with the value of a connected account called “ccfont.” The accusations were enough to ban both accounts.

Google has already removed SearchBlox from the Chrome Store, but users who have it installed should check if it is still on their systems. Google previously dropped another extension with the same name sometime between June and October of this year, so whoever is behind it has tried this tactic before and may try it again.

Browser extensions are frequent vectors for malware, both from the original developers and third-party actors that compromise the extensions. In October, researchers Discover Massive operation using 30 Chrome and Edge extensions downloaded by millions of users to hijack browsing histories, insert ads and load malicious code.

Moreover, Roblox is one of the most popular games targeted By cyberthreats, behind only FIFA and Minecraft. The most common malware vectors for these games are clients that claim to download titles but include malicious code. Users should only download games from trustworthy sources. TechSpot offers a safe Roblox game Download.


Source link

Related Posts