Bleeping Computer reports that over 2000 accounts on the Roblox gaming platform have been hacked…
…not to make money or steal information, but to support Donald Trump’s re-election as US President.
Hacked Roblox profiles are being modified to read:
“Ask your parents to vote for Trump this year! #MAGA2020.”
At the same time hacked users’ avatars are being kitted out with red baseball caps, and a white t-shirt emblazoned with an eagle and the United States’s flag.
Unfortunately they’re not also being given face masks.
Of course, the typical Roblox player is too young to vote in the US Presidential Race in November even if they were likely to be convinced by having their account hacked.
Mystery surrounds who is responsible for the defaced accounts, although it feels fairly safe to assume that they are a fan of the current occupant of the White House.
Affected Roblox users would be wise to change their passwords, and ensure that they are not using the same password anywhere else on the internet. Reusing passwords is always a bad idea.
In addition, I would recommend enabling two-step verification (2SV) on Roblox for a higher level of security. I don’t particularly love the way that Roblox has implemented 2SV but it’s better than nothing. Just be sure not to add someone else’s email address to your Roblox account, otherwise they’ll be sent your 2SV security code as well.
Roblox players may need reminding to never enter their username and password into an in-game form, which can be one way for fraudsters to steal credentials.
In addition, gamers should be wary about what programs and browser extensions they install – they might be dressed up as ways of getting free Robux (Roblox’s in-game currency), prizes, or cheats but actually be designed to steal passwords.
And, for goodness sake, take that hat off your head and change your t-shirt.
You can listen to further conversation about this hack in this episode of the “Smashing Security” podcast: