I was browsing TikTok today and I came across a video of some guy stealing a person’s Roblox account while in class. I noticed that this person was promoting his “services” in stealing and selling Roblox accounts.

I decided to join the server on an alternative account to check whether it is real or not. He does seem to have a few accounts on sale which are allegedly stolen, and on his second server, he seems to be selling (from what I personally understand) guides on how to refund items that you have received (which I am pretty sure is a crime of its own). From the few videos that he has posted advertising his “work,” it does seem like a legitimate method of stealing accounts (he is stealing the account’s cookie via an image and then using it to access the account), although there is no real way for me to confirm that it isn’t just for show.

After clicking on his TikTok account linked on the Discord (seems to be different from the one I saw the video from), he had a video with the caption “16-year-old beamer” and he showed an envelope with money inside (like he was showing off the money he earned). After that, I went ahead and reported both his TikTok account and his Discord servers, and left them both.

​

This got me thinking though, how legal is this? I assume that if a credit card was saved and he was buying stuff with the credit card, that would be credit card fraud, but since Roblox doesn’t store that information, the only thing currency-wise that exists are Robux, so is this really covered under some law? Additionally, he is selling said accounts and making profit out of it. I would assume this is illegal, but I can’t quite wrap my head around what law this would be under. My question to you is, how legal is this, and what laws cover this specific issue? Surely, there must be some law covering stealing and selling accounts, right?

Have a no0b question? New to hacking? Looking for a script? Need help with your github project? Something wrong with your payload? Stuck on a CTF or bug bounty?

This is a weekly recurring post to make friends with other hackers, ask questions, and get any type of help you may need.

Make sure to read our wiki as it’s full of resources for you.

Keep all beginner questions in this weekly stickied post.

Hi all,

So, my computers have been a lil whacky for about a month. Not just my PCs but my internet connection too. Bit of background I work in infosec, on the defensive side of things, as a 1st/2nd line SOC Analyst. I do a lil bit of engineering too.

So, it all seemed to start about a month ago. I’m chatting with someone on reddit. We’re vibing getting along, but somewhere down the line he all but confesses to me that he’s full on black hat. I was new to reddit, had made an ‘anonymous’ account (yeah righttt), but I shit myself. At this point we had exchanged lengthy conversation and images of various things. Nothing sexual if that’s what you may think, reddit is as funny old place, just cool stuff. We had also moved the convo over to discord. It’s dawning on me that my opsec had been absolutely pants, and that I had given this person more than enough to go on to begin to piece the puzzle of who I am together, not least of which my IP address, and exact geo location and mobile models and possibly PC models and OS’s in the EXIF data for the images and stuff I’ve sent. It’s also dawned on me that he could have sent malicious files, that I’ve opened naively.

Then it dawned on me that a couple hours or so into our conversation my internet connection had started playing up. Like it was being seriously overworked, busy. This had then been a consistent nuisance the whole time.

It’s also dawned on me that my ‘anonymous’ profiles are not as anonymous as I would have liked, and that there are links between those and my legitimate accounts, here and there.

Both my laptop and my desktop, running Mint, have slowly but surely deteriorated over this time. They crash and they crash more often, and are often otherwise very sluggish and slow. Checking the system monitor doesn’t show anything untoward, very low level usage of some modest resources. I know that many malicious programs can hide their use of resources, though. My laptop is BURNING through the battery when it’s on, and also itself. It gets unbelievably hot.

Internet connection has been very poor and patchy. I have a half gig fibre connection and it is usually very reliable. I can tell when it’s being hammered, because the percentage connection strength will drop significantly. It has been almost consistently lower than it should have been, and very low at times. It’s only me in the house at the moment, and I’m rarely streaming things. Just on reddit and also various other curiosity quenching ventures.

To begin with my web browsers (alternate etween firefox and brave) were remembering things they shouldn’t be. History and authentication info and the likes. Then, as is the case now, they’re gone amnesic.They don’t seem to be remembering anything.

[EDIT: Also, firefox warned me that an admins made changes to it’s settings, a policy called ‘DisableAppUpdate and the value was true. Looking online ppl are saying oh no worries your organisation will have don it for you! My machines are not managed by an organisaiton, as far as I’m aware. However is it the case that ‘root’ could be the admin/organisation in a similar scenario?

My instagram account has been locked up and won’t allow any real actions to be taken. It just sayd: ‘Try again later. Whe restrict certain activity to protect our community.’ Which is kinda weird, since I rarely use it. I’m thinking maybe someone has tried brute forcing it and ended up locking it up.

I’ve done some basic checks on the machines to see who is logged on and what processes are running etc but not found anything concerning. Done some virus scans with CLamAV and such but again, nothing untoward.

I could just be being totally paranoid but I’m going to wipe evrything and reainstall clean images anwyay.

If you have any thougts on this I’ve love to hear them!

Amd let me know you need any logs and such to assist.

Many thanks in advance, Comparison Own3335