Honestly, I was not expecting this announcement. Well done Roblox!
Do this more often.
Honestly, I was not expecting this announcement. Well done Roblox!
Do this more often.
can someone explain in layman’s terms?
So… how do we identify if we installed the malicious version?
Use npm list and if a package that shows up is in the list they provided, congrats
Sorry… what is NPM list ?
And where to find it ?
Would like to know what to look for as well.
This is insane, I never thought that people would use a open-sourced api-communicator javascript package to perform really malicious activites on your personal device / server.
Thank you roblox for keeping us safe!
If you don’t know what npm list is (or really the npm ecosystem itself), you’re fine
Yea I guess, but they didn’t even announce their own data breach (a while ago) as far as I know.
I’m not sure if this is related, but today I’ve had an unauthorized trade where I lost my all expensive limited items, there were no verification requests from Authy app and the trade just appears in completed trades log.
Edit: I’ve filled a support ticket and hoping to receive my items back.
Edit2: Successfully retrieved my items back after contacting Roblox Support and disabled my trades completely to prevent this from happening again. A big thank you to Roblox Support team
Glad that I don’t think I’ve installed this API otherwise my computer would have had some major problems. Thanks for letting us know!
thank you for the post and awareness,
I definitely agree, do not download programs from untrusted sources, e.g only download Roblox (both Studio and Player) from the official Roblox. Do not download Roblox from unverified sources who are pretending to be real roblox people.
This topic was automatically closed 120 days after the last reply. New replies are no longer allowed.