Skip to main content
  1. Home
  2. Computing
  3. News

Malware cleverly weaponizes Discord to steal game currency from Roblox players

By

A flaw in Discord’s Application Program Interface (API) has allowed nefarious individuals to steal login credentials for Roblox, one of the first MMOs to support VR. From there, the Robux in-game currency can be funneled into a separate account and cashed out. Although only exploitable through traditional phishing practices, the flaw does raise concerns over the integration of popular applications with games that have real-money stores.

Discord is a popular chat application often used by gamers. It has the ability to handle group VOIP (Voice Over Internet Protocol) conversations and various other social functions. While popular with Roblox players, it has proven problematic as of late due to its API’s ability to execute user-generated code and applications. Because of that, infected systems can use the tool to steal user account information from Roblox in a money-making endeavor.

Recommended Videos

The method of attack first requires that a system be infected with malware. TrendMicro found an instance of a particular infectious program masquerading as a cheat app on one forum. That malware can sink its hooks into Discord and then wait for a user to play Roblox. When they do, it steals their account cookie and then sends that file over Discord to a specified channel.

Please enable Javascript to view this content

Those behind the attack can use that cookie to log into the victim’s Roblox account and summarily transfer out all of their in-game Robux, which can then be transferred out of the game and turned into actual cash.

There are even variants of the malware that persistently steal login details, making it difficult to control the damage done with a password change. What you can do to prevent such attacks in the first place is be very wary of unofficial applications that claim to have the ability to help you cheat in multiplayer games. While their use is unfair to other users, you also run the risk of infecting your system.

TrendMicro also recommends running a decent anti-malware program. It’s also good advice to keep such applications, as well as your operating system, updated. You should also be very wary of sharing credentials online, though in this instance, the exploit does it automatically for you.

It’s important to not trust any chat app too much. As TrendMicro’s other research shows, the APIs of many VOIP platforms have been leveraged heavily by hackers in recent years as their usage has grown.

Topics
Jon Martindale
Jon Martindale
Former Digital Trends Contributor
Jon Martindale is a freelance evergreen writer and occasional section coordinator, covering how to guides, best-of lists, and…
Microsoft Teams online vs. desktop: Which is best?
Microsoft Teams chat.

Microsoft Teams is one of the most popular team collaboration and communication tools available -- we even use Microsoft Teams here at Digital Trends. You can use it in a few different ways, too, including the web service or local desktop application. But which should you use, the desktop app or the web app?

There are some advantages and disadvantages to using Teams either online or on the desktop. Let's take a look at them to help you decide which is best for you.

Read more
How to keep your Microsoft Teams status active
Man uses Microsoft Teams on a laptop in order to video chat.

Keeping your Microsoft Teams status as "Active" can be a stressful experience if your boss is constantly looking over your shoulder. It might not be the most common Teams problem, but it's one we've all experienced at some point. While you might be getting on with something productive, if the person in charge doesn't know that and doesn't take kindle to "Busy" statuses, you may want to try some tricks to keep your status active when using Microsoft Teams.

Fortunately there are a number of ways you can do that, from the honest and transparent, to the slightly sneaky. No judgement here. You do what you need to do. We're just here to teach you how to keep your Team status active.

Read more
The most common Microsoft Teams problems and how to fix them
A close-up of someone using Microsoft Teams on a laptop for a videoconference.

Microsoft Teams was introduced in 2017 as a unified communication and collaboration platform aimed at helping businesses and organizations get things done. Microsoft leveraged the company's existing Office software experience and created a unified experience between Teams, Office 365, and Skype for Business. However, as with all software, things don't always go according to plan. If you're using Microsoft Teams, sometimes you can run into problems.

We're big Teams users here at Digital Trends -- it's our go-to communication and meeting tool -- and we've come across a few issues ourselves over the years. In the event you're having Microsoft Teams issues, here's how to fix some of the most common problems.

Read more