Roblox Cheaters Targeted with Malware Disguised as Cheat Scripts

Image

A wave of malware has surfaced, and it’s targeting cheaters all around the globe. Read on to learn more about what this malicious software is and how it is infecting unsuspecting victims in games like Roblox.

Lua Malware Targets Cheaters in Roblox and Other Games

Cheaters Never Prosper, As Fake Cheat Scripts Contain Malware

Image

Often, the allure of gaining an edge in competitive online games can be a powerful motivator. However, this desire to win is being exploited by cybercriminals who are deploying a malware campaign disguised as cheat scripts. This malware is written in the Lua scripting language and is targeting gamers across the globe, with researchers reporting infections in North America, South America, Europe, Asia, and Australia.

The attackers are capitalizing on the popularity of Lua scripting within game engines and the prevalence of online communities dedicated to sharing cheats. As reported by Morphisec Threat Labs’ Shmuel Uzan, attackers employ "SEO poisoning," a tactic that makes their malicious websites appear legitimate to unsuspecting users. These malicious scripts are disguised as push requests on GitHub repositories, often targeting popular cheat script engines like Solara and Electron—"popular cheating script engines frequently associated" with the popular children's game "Roblox." Users are lured to these scripts through fake advertisements promoting fake versions of these cheat scripts.

Image

The deceptive nature of Lua is a key factor in this attack. Lua is a lightweight scripting language that, according to FunTech, even "kids can learn." Aside from Roblox, other popular games that utilize Lua scripting include World of Warcraft, Angry Birds, Factorio, and many more. Lua’s appeal stems from its design as an extension language that allows it to be seamlessly incorporated into different platforms and systems.

However, once the malicious batch file is executed, the malware establishes communication with a command and control server (C2 server) controlled by the attackers. This can then send "details about the infected machine" and allow it to download additional malicious payloads. The potential consequences of these payloads are vast, ranging from personal and financial data theft and keylogging to complete system takeover.

Prevalence of Lua Malware in Roblox

Image

As mentioned, Lua-based malware has infiltrated popular games like Roblox, a game development environment where Lua is the primary scripting language. Although Roblox has built-in security measures, hackers have found ways to exploit the platform by embedding malicious Lua scripts in third-party tools and fake packages, such as the notorious Luna Grabber.

Since Roblox allows users to create their own games, many young developers use Lua scripts to build in-game features, which leads to a perfect storm of vulnerability. Cybercriminals have taken advantage of this by embedding malicious scripts in seemingly benign tools like the "noblox.js-vps" package, which, according to ReversingLabs, was downloaded by 585 times before it was identified as carrying the Luna Grabber malware.

Image

While it might seem poetic justice, there's little sympathy for gamers caught cheating in social media. Many believe that those who ruin the experience for others deserve the consequences of getting their data stolen. It's impossible to completely be safe online, but the surge of disguised malware should perhaps encourage gamers to practice digital hygiene, for the temporary thrill of a competitive edge is not worth the risk of compromising personal data.

Source:

Morphisec | Not All Fun and Games: Lua Malware Targets Educational Sector and Student Gaming Engines

CrowdStrike | What Is SEO Poisoning?

FunTech | What is Lua Used For?

Codecademy | Why Lua Is So Popular — & What You Can Build With It

DarkReading | Luna Grabber Malware Targets Roblox Gaming Devs

ReversingLabs | Fake Roblox packages target npm with Luna Grabber info-stealing malware

You may also like…

null Castlevania N64 Cheat Codes Discovered a Quarter of a Century Later
null Denuvo Anti-Cheat Introduces Watermarking Feature to Track Leakers
null Video Game Addiction Lawsuit Against Roblox, Epic, Microsoft and Others Dropped
null Roblox Studio Exploitation Accusations Countered with Defense of Platform

Comments

Game8 Ads Createive