I just recently got my account back. Here is what happened to me :
I was doing my own thing when i got an email. It said my email was changed, I went to click the link provided the email to revert my it back to the original, But it didn’t work, I kept getting an error. I tried to login, but at no luck. I was locked out from both roblox and devforum. I then went to email info@roblox to get back into the account, and to help get back anything I lost.
Here is what i found when i got back in :
I noticed all of my items missing, so i went to check my trades tab.
They bought my account BC and traded all my items.
They traded all the smaller items into these main accounts.
And sent all my LARGE items to an recently made alt account
Side notes :
The email it said was changed to “alduix@icloud.com”
All of my social media was all removed, hidden, and replaced with just this “http://www.facebook.com/taylor.estrada” (weird) Side note edits :
The link from the email Roblox
Recently got 3 emails saying someone is requesting a password reset, I did request it. They happened in a rapid burst, like someone was impatiently trying to get the email. I’m going to assume it was the person who changed my accounts email in the first place, trying to go for another round.
It might have not been a real email from ROBLOX and instead the perpetrator found out your email somehow and sent you a fake email reset and when you tried to log in he got your password.
Huh, so the link is valid, but I don’t know why it gave you an error when you tried to use it. Maybe he changed it to a different email, then used the revertemail to go back to the first email he switched it to, invalidating yours? Looks like he got into your account but not your email.
Hm. Maybe everyone who had their account hijacked can PM an admin their browsing history for the past week or two and they can see if you all visited the same place by combing through the history automatically with a program. I guess they could set up an anonymous submission thing too in case you don’t want them knowing your browsing history belonged to you.
Not all famous people are instantly having their account hijacked, so I doubt they’re able to take any account they want. You all must have something in common that you did for them to be able to take your accounts.
I live but a simple life on my PC consisting of roblox, imgur, youtube and Gyazo, only things i been on in past week. I doubt anyone from those other sites are interested in roblox accounts
If they used a credit/debit card, then yes, but with the spree this guy is going on I doubt he’d make a mistake like that. He probably purchased it with a ROBLOX gift card (or even a credit card he got through scamming)
Thats like saying that people who have their houses robbed must have let the burglar in because bill gates hasnt had his house robbed yet.
I could pretty much guarantee that anyone involved has had to log into devforum lately
Have we established that this is mostly happening to devforum members? If so, it might be wise to look through links posted here and by the twitter dev community in the past few weeks.
Don’t trust Ctrl-F to check a plugin for malicious code. Chrome extensions can download and execute arbitrary scripts on the fly, so there’s no way to know what’s happening without looking at your network traffic.
If you’re Ctrl+F-ing for certain stuff, you would probably skim over all the code.
Just doing Ctrl+F can make you miss even the simplest thing you’re looking for.