Here’s a story for you all. I just witnessed something I had not once witnessed in my life
So earlier today, 6/14/2021 I was playing ROBLOX Anime battle arena, and the moment the round ended my anti-virus went off
But here’s the strange part
I wasn’t alone.
Other people in my server got the same as me, their anti-virus went off. The reason this happened was because ABA has a gamepass that allows you play a winning theme through a ROBLOX Audio asset ID when a round ends and you win.
That’s right, the audio had a VIRUS ATTACHED TO IT?? A roblox asset, played by a user inside of the game, was able to slip into my PC and set off my anti-virus?
Here’s the Windows anti-virus message
Anyone got any suspicions as to how this was possible? I wish I asked the people ingame if they knew more tbh
I don’t know much about how this stuff works but my suspicion is that when a Roblox audio asset is played, the Roblox client downloads it from Robloxs servers and stores it in a cache (inside the directory shown under “Affected items:”).
Somehow someone was able to attach an installer onto the audio asset, it might be that Roblox servers were compromised and someone could change the original audio file on the server to an installer. The game you were on needed to play a certain audio id so it sent a request to your client. Your client then requested the audio asset from Roblox’s servers and the server just returned what was stored under that id, not knowing whether it was an audio file or something else. Your client receives the file, stores it in the cache, then runs it. Instead of an audio file it just runs a malware installer.
It’s also possible they somehow intercepted the request, but these are just my guesses. I’m sure you should be able to find more info on this issue of you keep searching, it might still be something new. Never heard of this issue happen before, honestly makes me a bit concerned, but I hope Roblox can patch whatever vulnerability they have soon.
