2 min read

Malicious Chrome extension found stealing login credentials of Roblox users

Alina BÎZGĂ

November 24, 2022

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Malicious Chrome extension found stealing login credentials of Roblox users

Chrome extension “SearchBlox” has been found to hold a malicious backdoor that can steal login credentials of Roblox users alongside digital assets on the popular trading platform Rolimons, BleepingComputer warns.

According to researchers at the technology and cybersecurity news outlet, the compromised browser extension has already been installed by over 200,000 people. When looking up the ‘SearchBlox’ extension on Chrome, researchers noted that users can find two unsafe extensions, under these IDs:

  • Blddohgncmehcepnokognejaaahehncd – with over 200,000 downloads
  • ccjalhebkdogpobnbdhfpincfeohonni – with 959 downloads
Source: BleepingComputer

The news of the backdoored Roblox plugin was announced on an unofficial Roblox Twitter page Wednesday morning, warning users to immediately change passwords to their accounts:

“Popular plug-in SearchBlox has been COMPROMISED / BACKDOORED - if you have it, your account may be at risk. Please change your passwords IF YOU HAVE IT - and credentials, so that way your account is secure again,” the Twitter account warned.

Both malicious plugins contain a backdoor that loads an obfuscated code that exfiltrates users’ Roblox credentials to another domain.

Google was also alerted to the two malicious add-ons, and the company confirmed it has removed them from its Chrome store.

"The identified malicious extensions are no longer available on the Chrome Web Store," a Google spokesperson told BleepingComputer. "The extensions are blocklisted and will be automatically removed from any user machine that previously downloaded them."

Roblox users are advised to clear their cookies and immediately change the passwords for both their Roblox and Rolimons accounts, as well as for any other accounts that were created or logged into while using the malicious browser extension.

If you struggle to remember all the online accounts created over the years, and you’re not sure whether your information was part of a data breach or leak, check out Bitdefender’s Digital Identity Protection. You can find old accounts linked to as many as 5 email addresses, manage your digital footprint and stay on top of data breaches with 24/7 alerts.

Pair your Digital Identity Protection tool with our 3-in-1 security and privacy pack to benefit from a best-in-class and award-winning antimalware solution, Premium VPN service, and cross-platform Password Manager for ultimate online security no matter where your digital habits take you.

tags


Author



Right now

Top posts

Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

November 29, 2022

2 min read
How to monitor your online privacy during your Thanksgiving trip

How to monitor your online privacy during your Thanksgiving trip

November 22, 2022

3 min read
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

November 16, 2022

6 min read
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

November 14, 2022

5 min read
Cyber Tips for a Spook-Free Halloween

Cyber Tips for a Spook-Free Halloween

October 26, 2022

3 min read
August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August 31, 2022

4 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Royal Ransomware Launches Attacks on US Healthcare Organizations, Government Warns Royal Ransomware Launches Attacks on US Healthcare Organizations, Government Warns
Vlad CONSTANTINESCU

December 09, 2022

2 min read
North Korean APT Group Exploits Internet Explorer Zero-Day Flaw, Google Warns North Korean APT Group Exploits Internet Explorer Zero-Day Flaw, Google Warns
Vlad CONSTANTINESCU

December 08, 2022

2 min read
Medibank Goes Offline to Rebuild Cyber Defenses in Wake of October Hack Medibank Goes Offline to Rebuild Cyber Defenses in Wake of October Hack
Filip TRUȚĂ

December 08, 2022

2 min read