Posted on July 1, 2020 at 2:18 PM
A pro-Trump hacking group is reportedly hacking kids’ accounts on Roblox, a popular social media gaming platform. According to recent reports, the attackers are spreading a “Vote for Trump” message to the victim’s parents.
As one of the most visited websites in the world, Roblox has over 91 million monthly users and is currently ranked 51, according to the latest ranking by Ahrefs data.
The platform is marketed at children aged between 9 and 14 years. The players have complained that hackers are sending in-game messages from the compromised profiles to the account holders’ friends, asking them to vote for Trump in the U.S. presidential election coming up in December.
The hackers used avatars and dressed them in existing in-game accessories that look like souvenirs worn by Trump supporters.
Additionally, some of the dressed avatars are wearing a T-shirt that features an American eagle. As at press time, there are over 1,000 profiles in Roblox featuring the phrase, “Ask your parents to vote for Trump this year.”
Players are still in control of their accounts
Some of the players in the site stated that they are still in control of their accounts as they can still edit and change their profiles. That means the users can still change their account login details to make the account inaccessible by being hackers.
Roblox users have been lodging complaints about the situation on Twitter. They are complaining about largely unused or alternative accounts being hacked and used to send the “Vote for Trump” message.
The message does not appear to be only a prank as the avatars are seen wearing American Eagle T-shirt and MAGA cap. This shows that the attack is a genuine account compromise campaign.
According to the Bleeping Computer research team, the numbers of affected accounts have grown to over 1,000 within a space of a few days.
As previously stated, the hackers even designed the account avatar in a way that supposedly represents Trump’s supporters.
They used a red baseball that has the inscription, “RUNNING OF THE BULLS,” which, at a first glance, looks like a MAGA cap.
Poor password security likely cause of the breach
Bleeping computer also reported that the hackers are utilizing very easy brute-force methods to compromise the accounts. This is a result of the use of weak passwords on the affected accounts, the research team stated.
The most probable method of attack is the use of credential stuffing, as the hackers use credential pairs shared across services and sites, instead of trying to log into the accounts with lists of commonly used passwords.
When one account is compromised as several email addresses and passwords are tried, it can open the gateway for other attacks and compromises to occur. However, it doesn’t seem that any password was altered or any fraud was committed. Bleeping computer said the attackers used very simple techniques to compromise the accounts of their victims.
Hackers not linked to Trump’s election campaign
There was no breach of the Roblox servers, but merely the possible use of in-game currency to buy the avatar clothing. Also, no evidence suggests the hackers were politically motivated or whether they are linked to the official campaign organization of the Donald Trump 2020 re-election.
The Trump election campaign and Roblox have been contacted for comments regarding the incident, but none of them have responded as at press time.
Regaining control of the compromised account
Security experts have advised how users can regain control of their compromised accounts. It is worth stating that users have not completely lost control of their accounts, as the hackers only temporarily assumed it.
The simple thing to do is to request for a password reset since the hackers cannot change the passwords themselves. The affected users, upon receiving their new password, should change their login details. This will lock the hackers out of the account since they won’t have the new account details.