In this talk, Devanagaraj, an IT security expert from Pune, talks about how he used a script to steal millions of dollars from a RoblOX customer.
This attack works by sending a crafted file from a malicious server to a victim, which in turn then sends an HTTP request to the victim’s website.
Once the victim receives the request, the script injects malicious code into the RoblX application, which then sends the request to a third party website that downloads the malicious code and redirects the user to the malware page.
In order to steal the money, Devasiraj used a tool called the ‘Trojan Horse’ to redirect the user from a legitimate Roblax page to the malicious one, which he then exploited.
Devanagaraj has also shared details about the method used to execute the attack.
We would like to thank Devanager, for allowing us to use his exploit for this report.