While Minecraft is often regarded as the creativity platform that started it all, Roblox is perhaps the one that was able to capitalize on it best. The User-Generated Content or UGC platform boasts of thousands of players, many of them young kids, and has become an educational platform especially in the past months. Given the audience, you’d expect the company to be extra careful about its security. One hacker tries to prove it isn’t but its message has been muddied by the methods used to convey it.

The hacker didn’t really go through the usual routes that both traditional hackers and even white hat hackers take to get inside Roblox’s servers. The latter groups would do hard, technical work to exploit vulnerabilities in the security systems used to protect a server. This hacker that disclosed to Motherboard the data it was able to pilfer paid or phished a Roblox employee to get the access he or she needed instead.

It’s not that the hacker wasn’t really able to get in. He showed screenshots and disclosed details that would normally be secured, something Motherboard was able to confirm with hacked Roblox users. For better or worse, the hacker limited his access to only the high-profile user accounts, though he did have the ability not only to see their email addressed but also to change passwords or turn two-factor authentication on or off.

The hacker said he only did it to prove a point to Roblox and to collect a bounty on a security bug. That vulnerability, however, doesn’t exist and Roblox reported the incident to its bug bounty platform HackerOne for further investigation. Once it was clear that no bounty award would be given, the hacker decided to do more damage and changed user passwords and stole their Roblox items. Update: A Roblox spokesperson tells us that the company declined the bounty after the hacker changed passwords and stole Roblox items from other users, not before.

The incident doesn’t detract from the fact that Roblox should indeed be more careful given the audience it caters to. The hacker could have chosen a better way to get that message across but his actions perhaps proved that he had less than benign intentions from the start.

Source: https://www.slashgear.com/roblox-accounts-got-hacked-by-allegedly-bribing-an-insider-04619242/

World news – GB – Roblox accounts got hacked by allegedly bribing an insider [Updated]

En s’appuyant sur ses expertises dans les domaines du digital, des technologies et des process , CSS Engineering vous accompagne dans vos chantiers de transformation les plus ambitieux et vous aide à faire émerger de nouvelles idées, de nouvelles offres, de nouveaux modes de collaboration, de nouvelles manières de produire et de vendre.

CSS Engineering s’implique dans les projets de chaque client comme si c’était les siens. Nous croyons qu’une société de conseil devrait être plus que d’un conseiller. Nous nous mettons à la place de nos clients, pour aligner nos incitations à leurs objectifs, et collaborer pour débloquer le plein potentiel de leur entreprise. Cela établit des relations profondes et agréables.

Nos services:

  1. Création des sites web professionnels
  2. Hébergement web haute performance et illimité
  3. Vente et installation des caméras de vidéo surveillance
  4. Vente et installation des système de sécurité et d’alarme
  5. E-Marketing

Toutes nos réalisations ici https://www.css-engineering.com/en/works/


Please enter your comment!
Please enter your name here