The Roblox gaming platform is very popular among users, which means it attracts the attention of intruders as well. It became known that the popular SearchBlox extension for the Chrome browser associated with the game was stealing user credentials and assets that can be traded.
According to Bleeping Computer, two instances of the SearchBlox extension in the Chrome web store contain malware. Using malicious code, the attackers stole credentials and items from the Roblox Rolimons trading platform. Currently, antivirus software does not flag the extension or related URLs as dangerous, making it difficult to detect the threat.
The extension billed itself as a tool to allow users to search for specific Roblox players. Later, after hundreds of thousands of users installed the extension, someone added malicious code. However, it is not clear if the backdoor was created by the original developer or someone else who compromised the extension. Some Roblox players suspect a user named Unstoppablelucent who may have developed SearchBlox. In less than a day, his inventory increased substantially. Another suspect is Rolimons user ccfont, who was removed due to suspicious inventory transactions.
Learn important technologies for a tester at a convenient time, and get $1300 already after a year of work
Google has already removed the SearchBlox extension from the Chrome store. Users who have previously installed it should uninstall it immediately, clear their cookies, and change their passwords for Roblox and Rolimons.