It’s no surprise that cybercriminals with nearly 50 million active users continue to target the popular online game Roblox with all manner of scams and attacks.
According to a new study from Checkpoint, researchers at Avanan have discovered a Trojan horse file hidden inside a legitimate Synapse X scripting tool used to inject exploit or cheat code into Roblox.
Cybercriminals have started taking advantage of Synapse X to install autorun programs on Windows PCs that install library files into Windows system folders. This has the potential to corrupt applications, corrupt or remove data, or send information back to responsible cybercriminals.
Researchers Avanan first discovered the Trojan horse files used in the latest Roblox attack on a customer’s OneDrive. A customer may have accidentally uploaded a file to cloud storage, but a cloud email and collaboration security company has scanned the file and classified it as malicious.
It puts your family and even your business PC at risk.
The specific version of Synapse X used in these attacks against Roblox users drops three files on the victim’s system. One of them is a backdoor Trojan horse.
Here, the Trojan installs a library file (DLL) into the victim’s Windows system folder, and this malware is permanently referenced by Windows and can continue to run.
Aside from being able to crash applications and listen to files, these attacks are of particular concern due to the fact that Roblox is primarily played by children. As a result, Trojans can easily be installed even on personal computers that do not have antivirus software installed. But there is also a risk to the business, as an employee who works from home could let their children play Roblox on their work laptops.
Avanan contacted Roblox Corporation after discovering this new Trojan that targets Roblox users, and the two were informed via email that they plan to further connect by phone regarding the matter.
To protect your device from this kind of attack, Checkpoint allows users to avoid downloading files from untrusted sites, use malware scanning when accessing cloud storage services such as OneDrive and Google Drive, and install an antivirus on all personal computers. It is recommended that