Roblox is still a hit with many children. However, the sandbox gaming platform has its problems. A new report reveals that shameless hackers are roaming there, targeting gullible kids and unashamedly scamming them. Find out here on MeinMMO how the hackers operate.
What is Roblox? Roblox is a kind of game-building kit. It looks like a mix of Lego and Minecraft, which is why it is particularly popular with children. Especially during the Corona pandemic, Roblox achieved great success. Users can create their own games via Roblox or play the creations of the community.
Everything is possible: From shooters, racing games, puzzle games, adventures, RPGs to MMOs. Among the most popular titles on Roblox are:
- Murder Mystery 2 – A fun co-op horror game
- Jailbreak – A game in the style of “Cops and Robbers”
- Natural Disaster Survival – A survival game with a disaster theme
- Scuba Diving at Quill Lake – It’s about recovering treasures during dives
- Theme Park Tycoon 2 – A theme park building game
- Work at a Pizza Place – Here you have to manage a pizzeria
If you want to cosmetically adjust your avatar or buy special pets, you need the in-game currency Robux. You can buy it with real money. However, it is also possible to sell virtual items in a shop.
And that’s exactly why hackers are targeting the accounts of kids in Roblox.
How audacious hackers target kids in Roblox
Since virtual items can be sold well – a funny hat has already earned over $13,000 in the shop – more and more hackers are trying to obtain kids’ items in Roblox using all available methods.
The site Vice has researched in this area and contacted both victims and perpetrators. Hackers are referred to as “Beamers” in the Roblox community. The fact that there is a specific term for them indicates that the problem is quite significant.
The Beamers use a wide range of nasty hacker tricks to fool their victims. The fact that they are dealing with children who often act more naively and cluelessly than adults makes it particularly easy for them. Common tactics used by hackers include:
- Deceptively realistic phishing sites
- Sim swapping
- Fake PayPal screens
- Extracting .HAR files
Deceptively realistic phishing sites: In Discord forums, Beamers often share links that initially look like an official Roblox site. However, if you log in with your credentials, the hacker obtains your username and password.
Sim swapping: Those who think they are protected from hackers through 2FAA may be in for a surprise. Some hackers use this technique to impersonate the actual owner of a mobile number to the provider and obtain a SIM card, which they then use to bypass 2FAA. The necessary data for this identity theft is then discovered by hackers through phishing.
Fake PayPal screens: Even if you try to recover the account, clever hackers are one step ahead and use fake screenshots of PayPal accounts to convince support that they are indeed the legitimate owners of the account.
Extracting .HAR files: One tactic that works particularly well with kids is to contact them and ask for help with a project. Alternatively, one might compliment them for how pretty or cool their avatar is and offer to make it even better.
For this, they only need a specific file from the game, which they should please share. However, this .HAR file contains login information, and although Roblox explicitly warns against sharing the file, gullible kids often fall for it.
The hackers are often ruthless and deliberately hunt for victims. One Beamer tells Vice that he specifically targets Discords where “rich fools” are found. He then contacts all of them, and someone will eventually fall for it and share sensitive data with him.
Protection method number 1: Trust no one!
What can be done about it? If you have been affected and hackers have your data, they can cause significant damage, and Roblox support only offers one rollback per account in case of item losses. However, they are aware of the issues and are working on further solutions:
We have spent over a decade building a robust security system and policies that we are proud of and continuously improve as our community grows. In particular, the Roblox InfoSec team actively searches various sources for threat information, monitors malicious activities, and takes appropriate action.
Statement from Roblox via PCGamer
In general, it is advisable not to share any personal information and also not to click on seemingly official links in Discord and similar platforms.
Also, dubious emails from the Roblox team should always be double-checked, especially if they contain links. Above all, parents should sensitively educate and inform their children.
Overall, Roblox, despite all its cuteness, is not a safe space for kids. Some games have extremely questionable themes, such as this recreated rampage: Someone recreates real rampages in the children’s game Roblox like those in Christchurch
