What was the Roblox studio exploit and am i safe?

I have Malwarebytes premium. I’m not that concerned.

3 Likes

It required you to have a plugin with the vulnerability installed, and as long as none of the plugins you had were malicious and were by trusted users. Then I think you should be fine. But I would run an antivirus scan and look for anything suspicious.

I think it should be at #bug-reports:studio-bugs no?

No. It got fixed i was just asking what the hell it was about. Plus i can’t post there.

Ok. How you fixed it, so? Have a good day!

It was a Roblox issue. They fixed it.

1 Like

For anyone wondering how it works, the people who found it posted an amazing article here: https://github.com/latte-soft/0x1D

As for if your safe, I can almost guarantee you are. The people who found it never used it maliciously, they planned on reporting it to hackerone in order to claim bounty money. They ended up leaking it publicly because it was going to be patched by Roblox, and they could no longer report it for money. It was patched extremely quickly after it was released publicly, and to my knowledge 0 plugins on the marketplace actually had it, the only plugins with it where used for testing and not ever published.

If you have updated your studio, I would be willing to bet money on the fact your safe. If you haven’t, go do that.

7 Likes

Ok now I am unable to play any Roblox game with more than 1 or 2 fps and having an empty baseplate open for more than 5 minutes crashes studio.

4 Likes

Maybe G-Sync?

I believe it was the hack, a few days ago my pc stopped detecting my gpu and it was really overheating even when I wasn’t using it (bitcoin mining probably.) After that a few days later i couldn’t boot into my pc, and when i used the Explorer cmd from recovery mode my pc was spammed with weird files and processes. Once I ended a process my pc rebooted and after that it didn’t ever show the bios again. I’ve had to use a spare motherboard and lose months of data due to this. I wish Roblox was more secure.

You literally lying. The bios is basically impossible to access. That’s not Roblox.

The BIOS certainly isn’t impossible to access, there’s certain vulnerabilities in them, and on devices such as laptops, you generally update within your OS, and not with any flashing process before you get into your bootloader.

1 Like

It’s a rare case and i don’t think some Roblox nerds can do that in a few hours.

Trust me, it’s probably easier to take advantage of this than you think

There was most likely no one using this, but BIOS attacks while rare, are extremely dangerous because they can lead to a malware having near permanent persistence if abused right, its nothing to scoff at

Relating to the theory of there being a Lua RAT or RCE added through a security vulnerability, I saw that there was a similar issue going around in the ROBLOX exploiting community where game developers were creating fake exploit scripts for their own games that contained Lua RAT/RCE code to essentially “seize” the exploiters computer.

Not sure how true this is, but its pretty interesting so I just wanted to put this here.

If a file or program is giving you errors, never run it as an administrator unless it specifies that you do that. Running files as administrator gives them elevated privileges which means if there is faulty code, it could potentially cause serious damage or harm to your computer.

For some reason this reminds me of the java exploit around a year ago.

1 Like

First of all, it did happen, and I had to use a spare motherboard to get a new bios file to flash to the bios and now at least the motherboard works, but the SSD is still corrupt. Second of all, these aren’t just some nerdy skids, this is a group of scripters specializing in exploits, they had probably been working on that for a while.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.