Attention Roblox Users and Parents

Safe on Social Education and Consulting released this article last week citing a team that has uncovered a threat targeting Roblox users where information is stolen. The article has been copied and pasted here.

Zscaler's ThreatLabz team uncovered a new threat targeting Roblox users......Tweaks (aka Tweaker) malware. 
This malware doesn't play around it can snatch your info faster than you can say "game over."
Roblox boasts an impressive user base of 71.5 million daily active users, making it a prime target for cyber attackers. A recent report from 2024 reveals that the gaming industry has surged to a staggering worth of approximately $455.27 billion. Given these substantial figures, it's no wonder that hackers are honing in on Roblox users to exploit and monetise sensitive data. Like countless other gamers, Roblox users tend to store a treasure trove of data within their gaming accounts.
And guess what? It's not just gamers at risk this malware could wreak havoc on whole families and even business networks.
54% of Roblox users worldwide are kids under 13. Yep, you read that right! Unfortunately, our young gamers might not fully grasp the dangers of cyber threats, making them prime targets for malware like Tweaks.
Now, you might be wondering, "How can a game like Roblox put my family, business or the company I work for at risk?"
Let me break it down for you:
Malware often includes keylogger functionality, which records every keystroke on the infected device. If your child uses the same device for gaming and other activities like browsing the internet that you use for logging into work/business/company networks, the malware could capture sensitive information such as passwords or corporate login credentials.
Malware like this one can also search for and steal specific types of data stored on the infected device. This could include personal information such as names, addresses, phone numbers, and even financial information stored in files or documents.
Some advanced malware allows attackers to gain remote access to infected devices. This means they could view, copy, or manipulate any data stored on the device, including family photos, documents, or sensitive corporate information if the device is used for work purposes.
If your child is playing Roblox on your device and that device connects to a home or corporate network, malware can exploit vulnerabilities to spread throughout the network and infect other devices. Once inside the network, the malware could access shared files, folders, or network drives containing sensitive information.
Malware can harvest personal information from the infected device to enable identity theft, which can have far-reaching consequences for individuals and families. This could include fraudulent transactions, unauthorised access to financial accounts, or even impersonation for malicious purposes.
So, what can you do to protect yourself and your family?
Make sure your antivirus software is up to date.
Be cautious when downloading any new software or add-ons for Roblox.
Never let your child play Roblox or any other game on your device.