"Hackers Compromised Synapse X Scripting Engine To Inject Trojan Code Into Roblox Game"
In March 2022, researchers at Avanan discovered that hackers inserted Trojan code in the Synapse X scripting engine used to generate Roblox cheat codes. Roblox is a popular game, with over 50 million daily active users worldwide. Hackers were found installing a self-executing program that dropped three executable library files (DLLs) into the Windows system folder. One of the malicious files contains Trojan code and might be referenced by Windows to run persistently as a Windows service or background process. The infected Trojan file, which is hidden in the Windows system folder, can corrupt or erase data and interact with hackers. These privileges could enable hackers to launch additional payloads or encrypt data with ransomware. Avanan detected the Trojan code file in a customer's OneDrive folder, which was most likely uploaded by mistake. The researchers warned that the malware infection in the game could pose major cybersecurity concerns, particularly to unsecured devices. As employees may mistakenly copy the malicious files from infected devices, the Trojan code creates a corporate cybersecurity risk. Furthermore, children playing the Roblox game on their parents' work computers could install the compromised Synapse X scripting engine to gain cheat codes. This article continues to discuss the discovery of a Trojan file hidden inside the legitimate Synapse X scripting tool and the Roblox game maker's response to the exploit reported by Avanan.