A guide for the average joe on how ROBLOX accounts get hacked or stolen

Introduction

Many people I know have gotten their ROBLOX accounts hacked and I thought maybe I should release a guide on the different methods of account hacking including: Phishing Links, Malware and Cookie Logging.

So I made this guide with non-tech-savvy people in mind, as many users who get their accounts hacked are not tech savvy and don't know about things like cookie logging, process injection, etc.


Cookie Logging

@VoidedBlades has a great resource on cookie logging and how to avoid it here:
Cookie logging explained - Resources / Community Resources - DevForum | Roblox
But I'll provide a brief description here. Roblox stores your account login in a browser cookie, which is a small file stored within your browser. Cookie logging is where a website or program tries to take that cookie; if the cookie is used in another browser, the attacker has access to your account.

HAR Files

HAR files, or "HTTP ARchive files", contain an archive of site cookies, including your account's .ROBLOSECURITY session cookie. Hackers can use that cookie to gain control of your account without a username & password pair. To avoid this, remember to refresh your session (logging out & in) every once in a while.
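The two sections above (cookie logging and HAR files) both come down to the same thing: the session cookie is the account. The script below is an added example, not code from the original post or from Roblox, that shows what a HAR file actually contains and how to check one before sharing it with anyone. It builds a small HAR fragment inline (constructed, with a made-up cookie value), reports which entries still carry a `.ROBLOSECURITY` value, and blanks every cookie value and `Cookie`/`Set-Cookie`/`Authorization` header on both the request and response side. The function names and the sample data are this example's own; the HAR structure (`log.entries[].request.cookies`, `.headers`, and the same under `response`) is the standard HAR 1.2 layout.

```python
import json

REDACTED = "[REDACTED]"
SENSITIVE_HEADERS = {"cookie", "set-cookie", "authorization"}

# Constructed HAR fragment (not a real capture). The first entry carries a
# made-up .ROBLOSECURITY value in the request cookies, the Cookie header and
# a Set-Cookie response header; the second entry carries only a harmless cookie.
SAMPLE_HAR = json.dumps({
    "log": {
        "version": "1.2",
        "entries": [
            {
                "request": {
                    "url": "https://www.roblox.com/home",
                    "cookies": [{"name": ".ROBLOSECURITY", "value": "FAKE_SESSION_TOKEN_123"}],
                    "headers": [
                        {"name": "Cookie", "value": ".ROBLOSECURITY=FAKE_SESSION_TOKEN_123; GuestData=x"},
                    ],
                },
                "response": {
                    "cookies": [],
                    "headers": [
                        {"name": "Set-Cookie", "value": ".ROBLOSECURITY=FAKE_SESSION_TOKEN_123; Secure; HttpOnly"},
                    ],
                },
            },
            {
                "request": {
                    "url": "https://www.roblox.com/games",
                    "cookies": [{"name": "RBXEventTrackerV2", "value": "abc"}],
                    "headers": [{"name": "Accept", "value": "text/html"}],
                },
                "response": {"cookies": [], "headers": []},
            },
        ],
    }
})


def entries_with_session_cookie(har_text, cookie_name=".ROBLOSECURITY"):
    """Return the request URLs of entries that still expose a value for cookie_name.

    Both the structured cookie lists and the raw Cookie/Set-Cookie headers are
    checked, because browsers export the same value in both places.
    """
    har = json.loads(har_text)
    hits = []
    for entry in har["log"]["entries"]:
        leaked = False
        for side in ("request", "response"):
            part = entry.get(side, {})
            for cookie in part.get("cookies", []):
                if cookie.get("name") == cookie_name and cookie.get("value") != REDACTED:
                    leaked = True
            for header in part.get("headers", []):
                if header.get("name", "").lower() in ("cookie", "set-cookie") \
                        and cookie_name + "=" in header.get("value", ""):
                    leaked = True
        if leaked:
            hits.append(entry["request"]["url"])
    return hits


def sanitize_har(har_text):
    """Return (cleaned HAR text, number of values redacted).

    Every cookie value is blanked, not just .ROBLOSECURITY, and so is every
    Cookie, Set-Cookie and Authorization header, on both sides of each entry.
    """
    har = json.loads(har_text)
    redacted = 0
    for entry in har["log"]["entries"]:
        for side in ("request", "response"):
            part = entry.get(side, {})
            for cookie in part.get("cookies", []):
                if cookie.get("value") not in (None, REDACTED):
                    cookie["value"] = REDACTED
                    redacted += 1
            for header in part.get("headers", []):
                if header.get("name", "").lower() in SENSITIVE_HEADERS \
                        and header.get("value") != REDACTED:
                    header["value"] = REDACTED
                    redacted += 1
    return json.dumps(har, indent=2), redacted


if __name__ == "__main__":
    print("entries exposing a session cookie:", entries_with_session_cookie(SAMPLE_HAR))
    cleaned, count = sanitize_har(SAMPLE_HAR)
    print(f"redacted {count} values; remaining exposure:",
          entries_with_session_cookie(cleaned))
```

To run it on a real export, replace `SAMPLE_HAR` with the contents of the `.har` file your browser saved and write the cleaned text back out. The point to notice is that the cookie value appears three times in a single entry, so deleting one field by hand is not enough; that is why the sanitizer blanks the structured cookie list and the raw headers together.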

Phishing Links

Most of us know that free Robux generators are scams, but some people don't, and these scams are increasingly being advertised on trusted platforms like YouTube.

Example here: [screenshot not reproduced]

A general rule of thumb for things like this is: if it is too good to be true, then it probably isn't. And never give away the password to any of your accounts, no matter what a website or app says.


Malware

A lot of accounts get hacked because of malware: files specifically made to do malicious things to your computer, including cookie logging, keylogging and even stealing passwords from your browser's saved-password database.

Many of these programs are disguised as other kinds of programs. For example, on a Discord server of mine someone posted a file claiming to be a Roblox FPS booster, but it was actually a file that stole the saved Roblox password.

To avoid these I recommend using an antivirus (Windows Defender works; just make sure you have it set up properly) and avoiding software like McAfee and Norton, as they are more bloatware than antivirus. I recommend using something like Malwarebytes to scan ANY FILE you download from sources like Discord, Twitter, Instagram, Reddit, etc. If you don't know how to scan a file, just right-click the downloaded file and click Scan. Even better, don't download ANY files from these sources.
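The malware section says these files are "disguised as other kinds of programs". The check below is an added example, not from the original post or from any antivirus product, of one cheap test you can run before scanning: compare what the file name claims to be with what the first bytes of the file say it is. It goes a little beyond the post's FPS-booster story by also catching the double-extension trick (a name like `guide.pdf.exe`, which Windows shows as `guide.pdf` when known extensions are hidden). The signature table, extension lists and sample files are this example's own constructions; `.rbxl` and `.rbxm` are Roblox's place and model file types. An honestly named `.exe` that does something nasty is not caught by this, which is exactly why the post tells you to scan it anyway.

```python
import os

# First bytes that mark a file as something that runs code when opened.
EXECUTABLE_MAGIC = {
    b"MZ": "Windows program (EXE/DLL/SCR)",
    b"\x7fELF": "Linux program (ELF)",
    b"#!": "script with an interpreter line",
}

# Extensions a user reads as "this runs" versus "this is just a document or media".
PROGRAM_EXTENSIONS = {".exe", ".scr", ".com", ".bat", ".cmd", ".msi", ".ps1", ".vbs", ".js"}
DATA_EXTENSIONS = {".txt", ".pdf", ".png", ".jpg", ".jpeg", ".gif", ".mp4", ".zip", ".rbxl", ".rbxm"}


def split_extensions(filename):
    """Return every extension in the name, lowercased: 'a.pdf.exe' -> ['.pdf', '.exe']."""
    base = os.path.basename(filename)
    parts = base.split(".")
    return ["." + p.lower() for p in parts[1:]] if len(parts) > 1 else []


def detect_program_type(head):
    """Return a label if the leading bytes match a known executable format, else None."""
    for magic, label in EXECUTABLE_MAGIC.items():
        if head.startswith(magic):
            return label
    return None


def check_download(filename, head):
    """Return a list of warning strings for a downloaded file; empty means nothing flagged.

    filename is the name as saved on disk; head is the first few bytes of its content.
    """
    warnings = []
    exts = split_extensions(filename)
    last = exts[-1] if exts else ""
    program = detect_program_type(head)

    # A "document" or "media" file whose content is actually a program.
    if program and last in DATA_EXTENSIONS:
        warnings.append(f"extension {last} suggests a document or media file, "
                        f"but the content is a {program}")
    # A program with no extension at all, which some launchers will still run.
    if program and not exts:
        warnings.append(f"no extension, but the content is a {program}")
    # The double-extension trick: looks like a data file once Windows hides '.exe'.
    if last in PROGRAM_EXTENSIONS and len(exts) > 1 and exts[-2] in DATA_EXTENSIONS:
        warnings.append(f"double extension {''.join(exts[-2:])}: displays as {exts[-2]} "
                        f"when known extensions are hidden, but runs as a program")
    return warnings


# Constructed sample downloads (only the first bytes matter for this check).
PE_HEAD = b"MZ\x90\x00" + b"\x00" * 60
SAMPLES = {
    "Roblox_FPS_Booster.exe": PE_HEAD,   # honestly named program: nothing to flag by name alone
    "setup_guide.pdf": PE_HEAD,          # a program pretending to be a PDF
    "FPS_Booster.pdf.exe": PE_HEAD,      # double extension
    "real_guide.pdf": b"%PDF-1.7\n",      # genuine PDF header
}


def scan_samples():
    """Run check_download over the constructed samples and return name -> warnings."""
    return {name: check_download(name, head) for name, head in SAMPLES.items()}


if __name__ == "__main__":
    for name, found in scan_samples().items():
        print(f"{name}: {found if found else 'nothing flagged'}")
```

For a real file you would read `head` with `open(path, "rb").read(64)`; sixty-four bytes is enough for every signature in the table. The first sample is deliberately left unflagged: a file that says it is a program and is one gives this check nothing to object to, so the post's advice to scan every download still applies.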


SIM Swapping

SIM swapping is when someone gets information about you from phishing emails or by social engineering. They then contact the victim's phone company and ask for the victim's phone number to be moved over to their own phone, using the data they have on the victim to make the request seem authentic. Once this is done, the victim loses their connection to the cellular network and the fraudster now controls the victim's phone number.

Now you may be thinking: what does this have to do with Roblox? Well, if a user has 2FA on their account linked to their phone number, the fraudster can now get access to that account, because the verification codes go to the number they control.


So I hope that this resource helps you stay safe in the future. Please share this with people you know who might be at high risk of getting their account hacked (i.e. small children). I know this wasn't very in-depth, but it wasn't meant to be; it was meant for the average Joe, someone who doesn't know much about cybersecurity or computers at all.

14 Likes

For the cookie logging section, you could add on to it and give a brief description of what cookie logging is instead of just telling readers to read VoidedBlades's article (which, by the way, every developer should read).

Other than that, great tutorial!

5 Likes

Add this:


HAR Files

HAR files, or "Http ARchive files", contain an archive of site cookies, including your account's .ROBLOSECURITY id. Hackers can use that to gain control of your account without a username & password pair. To avoid this, remember to refresh your session (logging out & in) every once in a while.

2 Likes

Some extra info for the sake of security 🙂

All sites linked in the following comment are open-source, free & community-approved tools, meaning there is 0 risk in using them.

To avoid cookie logging I really recommend using a Google extension like Cookie AutoDelete, which cleans all the cookies from a site when you leave that site. The best thing about this extension is the ability to whitelist sites, so you can avoid cookie cleaning on your favourite and trusted sites.

I myself use this amazing extension, and the best thing of all is that I'm allowed to select which cookies I save, meaning that I can whitelist only the ones that keep my session loaded, so it's easier for me.

Yup, logging out and in sometimes just for security reasons is a really cool move for our account security. In most cases there is no problem, but just in case we should do it once a week; it's not that hard, and it's even easier with password managers like Bitwarden (the best one from my point of view).

Expanding on that, I really recommend avoiding any anti-virus app at all; I only use Windows Defender. If you're willing to scan a file in search of malware, trust me, VirusTotal is all you need. It's one of the most trusted and effective virus databases, and believe me when I say that I cleaned my PC from trojans using only VirusTotal and BCUninstaller, another amazing and open-source tool that makes deleting malicious files easier, since it also scans for registry keys, which are leftovers from these programs.

Other than that, maybe also add some basic points that, well, everybody already knows but are important to remember:

Weak Passwords

Make sure to generate passwords with password managers that create passwords hard to crack and hard to guess, and test your password security at https://howsecureismypassword.net/

2FA

Make sure to add your email as a 2FA method; not having one could compromise your account a lot (also try not to add the SMS option, at least for now, since it can be hacked as we already saw a while ago).

PIN

May not be that useful, but in case someone logs into your account by using cookie logging or something like that, at least you make sure it will be somewhat hard for them to change credentials; maybe you will even have time to save your compromised account in time!

4 Likes

Does cookie logging bypass 2fa?

1 Like

You meant that it is too good to be true?

1 Like

Yes it does. It happened to me once and I had 2FA on and all; they still managed to get into my account and stole 11k. Luckily I instantly noticed and contacted ROBLOX Support, who were generous enough to help me and refunded the 11k Robux back to my account.
Just remember that if anything happens, don't hesitate to contact ROBLOX Support for help as soon as you can.

2 Likes

Malwarebytes is more of an anti-malware than an anti-virus. It's more lightweight and doesn't run in the background, which is why I recommend scanning with it once in a while or if you download a suspicious file. But I agree VirusTotal is a great resource for finding out if a file is malicious, and BCUninstaller I have never heard of.

1 Like

I would like to add that SIM swapping has become a more apparent problem in Roblox accounts getting hijacked.

The creator of Royale High was SIM Swapped a few months ago, so I thought I would bring this up.

2 Likes

As well, having a PIN blocks users from using the Talent Hub to the fullest extent.