Late reply, my apologies. With how cautious I have been for the past month and a half, I have successfully overcome any cookie loggers or whatever was tampering with my account(s). I have been frequently clearing any Roblox related data from my cache which seems to have halted all attempts. And yes, also signing out of all sessions just in case.
Much obliged for all your help guys!
Simple rule:
Inspect Element = Scam
In October 2019, my account were stolen using this technique. However I have not figured out how it was actually done as I never opened any files, neither did i have any extensions. Sad that I lost it, had alot of scripts and models i made that has come to a waste now. But from that, i have started taking backups locally stored on my personal cloud I made with a RPi. Hope this can somehow be prevented in the future tho…
Heavily agree with NINJAMASTR999, thanks for this post dude you’re protecting a lot of the community from this, good explanation on cookie logging but don’t forget to also add looking for that “0 kb” File, 0 kb files are often cookie loggers since everything in it is just a copy & pasted code that steals their cookies and cache info. Very well explained though, thanks for this amazing post.
This is fun and games till a 0day hits you
An overpriced anti-virus isn’t going to protect you from a 0 day exploit. Depending on what the exploit is for, these programs will not protect you from something that exploits a vulnerability rooted in Windows itself; that’s just not how it works.
Most of these anti-viruses can just be considered bloatware. They just spam you with annoying notifications and do the exact same thing as Windows Defender. It all comes down to you not being an idiot online. If you know you’re doing dodgy stuff then use a VM. Don’t go pirating stuff on native Windows, that’s just stupid.
This is what happened with WannaCry and everyone got hit. Malwarebytes was one of the few anricheats that its heuristics caught wc from the beginning and minimized the spread.
Sad to see people here on Roblox getting cookie logged. Hopefully this can be fixed in the future.
Thank you, I’ve been a victim of cookielogging aswell and it isn’t that nice. I hope people can be more secure from the newer cookielogging techniques like the one vermcool uses.
Good to know that someone made a topic about this. My friend @Strongjohnfgamer has been cookie logged recently, so it’s good that you made a topic on this.
This is article is very nice, and informative. And its nice that you included the main Chrome extensions that are used oftenly , but a note would be how would the malicious Chrome extensions would work, but other than that its very nice! 
The vuln used by WannaCry was already patched; people just don’t update their software.
I have not been a victim of cookie logging however I have fallen victim to poisoned limited’s so I know the pain of losing an account and or limited’s to cookie logging but it’s nice that you went into detail and explained it.
Hello is cookie logging usually only done in the form of har files, or could there be a phishing link to to steal your ROBLO cookie.
Cookie Logging can be done in muitple ways including a phishing link or HAR file.
Oh wait so someone could send me there roblox group and it could be a phising link?
If it’s an official Roblox link then no.
Is it the same for discord links and ect?
No. Offical Websites owned by registered companys usually wont have cookies unless you agree to it in their TOS.
If you get sent a suspicious link, don’t click it.
If you believe you have been cookie logged then simply reset your cookie, which I believe was explained in this post.