Kaspersky Finds 34 Million Roblox User Credentials Infiltrated With Malware

Roblox game display (photo: Unsplash)

JAKARTA - Over the past three years, cybersecurity firm Kaspersky has managed to find 34 million Roblox user credentials (logins and passwords) that have been compromised by malware and leaked on the dark web.

Thus, this game is a very profitable target for cybercriminals who use infostealer malware. Concerned again, the number of accounts compromised for the game of these popular children continues to increase every year.

over over the past three years, this figure has increased by 231 percent, from around 4,700,000 in 2021 to 15,500,000. by 2023.

In general, the average number of accounts compromised in a combination of 11 other popular random platforms or games include Twitch, Electronic Arts, Sony PlayStation, and Steam has increased entirely by 112 percent since 2021.

According to Kaspersky researchers, the reason behind the high volume of login credentials related to Roblox is because children are the most vulnerable group, especially against various types of social engineering.

For example, cybercriminals can hide infostealers in files containing malicious codes to deceive young gamers, explained Yuliya Novikova.

Although there are many cases of login credentials theft on Roblox's account, this is not the main point sought by cybercriminals on the dark web.

Certain accounts are much more attractive to them, for example, the number of dark web posts selling or buying Steam accounts peaked at around 10,000 between 2021 and 2023, while ads related to the stolen Roblox accounts remained below 150.

Cybercriminals target game accounts to steal valuables, such as real money, in-game currencies, and various items in the game. Steam's account seems more attractive to cybercriminals because of the potential to find and steal real money on the account," he concluded.