Roblox accounts being targeted

I am not sure if any of you are familiar with Tyridge77, but over the weekend while he was away, his roblox account was breached by a user who gained access to his place files. Confined, a story of death and shadows was leaked which is a title that me and him both worked on. There are now multiple copies of the game flying around on roblox by different users.

Copies:
https://www.roblox.com/games/refer?TimeFilter=0&GenreFilter=0&PlaceId=131044661&Position=2&PageType=GameSearch&LocalTimestamp=2016-06-19T03:00:55.560Z&TotalInSort=2

https://www.roblox.com/games/refer?TimeFilter=0&GenreFilter=0&PlaceId=436004745&Position=12&PageType=GameSearch&LocalTimestamp=2016-06-19T03:03:02.509Z&TotalInSort=2

https://www.roblox.com/games/refer?TimeFilter=0&GenreFilter=0&PlaceId=436011101&Position=35&PageType=GameSearch&LocalTimestamp=2016-06-19T03:17:04.148Z&TotalInSort=2

these are just the few I found through a quick search…

After researching, I found the leak was posted on V3rmillion by a specific user who solely targeted Tyridge77’s account. He states that no malware was used, so I am assuming that some form of bruteforce was used to access his account over the course of the last few days.

I highly recommend that others seek to change their passwords to something more difficult if it is not already. This would allow a lower chance of anyone else’s account being accessed through this possible method.

Also, Tyridge77 is unable to retrieve his account due to the password being changed which is also disallowing him access to the devforums here. I am making this post on his behalf also. Is there an email or some kind of support that he can message to allow him to regain access to his stolen account? He doesn’t believe there to be an email used on his roblox account, but rather one is connected to his devforum account. If anyone could provide insight on this part here, that would be great.

3 Likes

Seriously? So many breaches lately… Where’s our promised two step security???

13 Likes

He needs to contact info@roblox.com, that’s what everyone says. But I agree, everyone needs to change passwords, on like everything, otherwise this skid will get into more accounts. Don’t use the same passwords, and don’t make them simple. Also use 2-step verification on all your email accounts.

I swear, this guy hates roblox, it’s like he wants roblox to die off.

Oh Jesus, DominusTrex.
Yeah, this guy has access to someone’s RbxDev account, so he can see everything that we’re saying here.
This guy cracked my old password somehow, and recently breached MrNicNac’s wiki account. He vandalized a bunch of pages, though we were able to stop him within less than 2 minutes.

My guess is that he’s cracking accounts that have passwords simple enough to guess, which is one of the reasons why I have a very complex one.
I’m thinking about using a password manager too.

1 Like

Luckily for me my passwords are hard to guess. If people are going to be trying to get into my account, then they’re going to have a hell of a time doing it.

Also, would it be possible to add TLS/SSL to the devforum? I imagine it wouldn’t be too hard since the main site already has HTTPS; it would stop MITM attacks on the devforum because the ROBLOSECURITY cookie is still transferred over:

SSL would prevent this from being stolen over insecure HTTP requests.

1 Like

He cracked my Wiki account, but you assume I would have a simple enough password to guess. I do not believe my password is simple to guess. You’re recommended to change your password, more so, to change the cookie that is generated for your account.

Also, do you know why @UristMcSparks deleted my CFrame page on my user sub page? It has no note and was just randomly deleted. My assumption is that I may have had raw HTML linking an outside image, which could possibly have a security breach if the owner of the image uses their .htaccess to change what the image serves (like JS).

My main ROBLOX account was also breached before, but was not done via a password. Rather, my security cookie was somehow compromised (and no this was before those phishing sites that get your cookie). I had simply come back after a long period of inactivity, opened studio, then 7 minutes later had my account trade all the hats I had to someone else.

on the topic of studio…

ROBLOX, could you please at least try to encrypt this stuff?

Come on, it’s not hard to browse the registry, and the damn thing is basically in plaintext.

7 Likes

Now can you see why I hated the idea of our roblox accounts being linked to RBX Dev? It’s a free ticket into RBX Dev if they get into our ROBLOX account. After the recent hacking/accounts/???/security stuff, I made all my passwords different for different sites and upped the length of them. I really wish it wasn’t like that :’(

For then if my ROBLOX account got broken into, I would still be able to go for help on RBX Dev


I think what really upsets/distresses me (sorry ROBLOX staff :frowning: ) but you’ve been using 2-step auth for nearly a year. I understand staff accounts are really important and of course it’s “beta” but now that developers are making ££££’s of money through DevEx we should really get 2 step auth like, before yesterday. If it’s good enough for the staff to use, it’s good enough for us. It was leaked by an employee (accidentally) on a next level stream (don’t remember which one but I do know it was when Alan was working at the company). Also showing this link:

https://www.roblox.com/login/twofactorauth

2 Likes

I’m very familiar with tyridge and I’m upset that this happened :worried:

Tyridge didn’t have a verified email on his account? sigh

I’ve been hacked a few months ago, probably by the same or a similar method.
(pretty complex password, impossible to guess, not leaked anywhere)
(PRE-EDIT: scrap that “not leaked anywhere”, read further down)

Does cracking actually properly work?
I thought you could only try logging in 10x from the same IP in a day.
Of course, over a week with 99 proxies, that would already be 7000 attempts.
Still, not sure it’s completely possible.
(might as well bruteforce .ROBLOSECURITY cookies as that doesn’t have a limit)

His username appears twice on LeakedSource, a friend of mine is gonna check them in a minute.
Maybe he used the same password as on the hacked sites, which would be a possible cause.
PRE-EDIT: One of the records (Nexus Mods) had a plaintext password, ending with 62.
MrNicNac also has records, all with different passwords, but all short.
(dis iz completely legal, i promiz)
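The point in the post above, that a per-IP attempt limit does not bound guessing spread across many addresses, seen from the defender's side as an added example that is not part of the original thread: counting failures per target account across all sources catches what the per-IP counter misses. The events, usernames and the two account-level thresholds are constructed assumptions; only the 10-per-IP figure comes from the post.

```python
# Added example: per-IP versus per-account counting of failed logins.
# Events are constructed; addresses come from documentation-only ranges.
from collections import defaultdict

PER_IP_DAILY_LIMIT = 10   # per-IP figure quoted in the post
ACCOUNT_FAIL_LIMIT = 20   # assumed: daily failures per account before alerting
MIN_DISTINCT_IPS = 5      # assumed: distinct sources that suggest distribution

def build_sample_events():
    """Constructed failed-login events as (day, source_ip, username)."""
    events = []
    for proxy in range(12):            # 12 sources, each under the IP limit
        for _ in range(9):
            events.append((1, f"198.51.100.{proxy + 1}", "target_user"))
    events += [(1, "203.0.113.7", "forgetful_user")] * 3   # ordinary typos
    return events

def per_ip_blocks(events):
    """(day, ip) pairs that a per-IP daily limit alone would block."""
    counts = defaultdict(int)
    for day, ip, _user in events:
        counts[(day, ip)] += 1
    return sorted(key for key, n in counts.items() if n > PER_IP_DAILY_LIMIT)

def per_account_alerts(events):
    """Accounts with many failures in a day arriving from many sources."""
    fails = defaultdict(int)
    sources = defaultdict(set)
    for day, ip, user in events:
        fails[(day, user)] += 1
        sources[(day, user)].add(ip)
    alerts = []
    for (day, user), n in sorted(fails.items()):
        distinct = len(sources[(day, user)])
        if n >= ACCOUNT_FAIL_LIMIT and distinct >= MIN_DISTINCT_IPS:
            alerts.append({"day": day, "user": user,
                           "failures": n, "distinct_ips": distinct})
    return alerts

if __name__ == "__main__":
    sample = build_sample_events()
    print("blocked by per-IP limit:", per_ip_blocks(sample))
    print("per-account alerts:", per_account_alerts(sample))
```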

I named mine after my pet.

I’m from a foreign nationality so the name isn’t a real English word. It’s made brute forcing it impossible on current websites :smiley:

I did a test on it once, it took over 80 billion years to brute force.

You actually tested it? Oh my, that must have been a really long test. :stuck_out_tongue:

Just so you know, those “is my password secure?” sites don’t always give accurate results. Just because it says your password is secure doesn’t mean you don’t need to worry - I would still recommend being as diligent with your accounts as if it used a weak password.

That was the first place I mentioned to Tyridge. It was confirmed by him though that his ROBLOX password was none listed on that website. Not even any that were linked to his leaked emails on that site either were close. I assumed that the user had got it from that site, but there are no leaks as of recent for him. This is why I still believe it was some kind of bruteforce.

there’s a new account stolen literally every week

very worrying

Don’t click on random links, use a secure password, don’t use Skype, wait for two-factor authentication.

1 Like

What is this, the 30th breach of an account of an RBXdev admin/member the past month? Something’s up and it’s getting annoying that nothing’s being done to resolve the issue.

2 Likes

A common thread I’ve noticed to all of these is that the intruders tend to go after folks with limited items most.

No… my bluesteel… MY BABIES :scream:

better get a sixty character password pronto

Except now you’ve told everyone where they should start

1 Like