As reported by Motherboard, the hacker was able to look up the personal information of over 100 million active monthly users. The perpetrator could see email addresses, change passwords, remove two-factor authentication from accounts, ban users, and even hand out in-game currency.

While they could have accessed information on many of the game’s users, the hacker only looked up a small number of accounts. Speaking to the Motherboard, the person said they “did this only to prove a point to them.”

Roblox, which is available on multiple platforms (download the PC version here), lets people create their own games or play ones made by others. It’s incredibly popular with children and has a massive YouTube community. One of the most high-profile players, YouTuber Linkmon99, had his data accessed by the hacker, who took screenshots of their actions as proof.

The hacker was able to do more than just view data. They changed the passwords for two accounts and sold their items. Another screenshot showed a successful disabling of two-factor authentication on a different account.

As the platform was breached, the hacker attempted to claim a bug bounty from Roblox, but because this was achieved using social engineering and bribery, rather than a vulnerability, the company refused to pay.

Roblox said it has now notified the users that were affected and reported the incident to bug bounty platform HackerOne.

If there’s one thing the incident proves, it’s that the weakest link in a network’s security chain is often its employees.

Source: https://www.techspot.com/news/85119-hacker-accessed-roblox-users-data-bribing-employee.html

World news – CA – Hacker accessed Roblox users’ data by bribing employee

En s’appuyant sur ses expertises dans les domaines du digital, des technologies et des process , CSS Engineering vous accompagne dans vos chantiers de transformation les plus ambitieux et vous aide à faire émerger de nouvelles idées, de nouvelles offres, de nouveaux modes de collaboration, de nouvelles manières de produire et de vendre.

CSS Engineering s’implique dans les projets de chaque client comme si c’était les siens. Nous croyons qu’une société de conseil devrait être plus que d’un conseiller. Nous nous mettons à la place de nos clients, pour aligner nos incitations à leurs objectifs, et collaborer pour débloquer le plein potentiel de leur entreprise. Cela établit des relations profondes et agréables.

Nos services:

  1. Création des sites web professionnels
  2. Hébergement web haute performance et illimité
  3. Vente et installation des caméras de vidéo surveillance
  4. Vente et installation des système de sécurité et d’alarme
  5. E-Marketing

Toutes nos réalisations ici https://www.css-engineering.com/en/works/

LEAVE A REPLY

Please enter your comment!
Please enter your name here