By CagedTech in Trojans, Stealers

Threat Scorecard

Ranking: 1,164
Threat Level: 20 % (Normal)
Infected Computers: 3,533
First Seen: November 27, 2022
Last Seen: September 25, 2023
OS(es) Affected: Windows

SearchBlox has been classified as an untrustworthy and even unsafe extension for the Google Chrome browser. Cybersecurity researchers have identified two different variants of the application, with both offering the same functionality - the ability to search the servers of the popular Roblox platform for a specific player. However, in reality, if SearchBlox is installed on the device, it will target the user's credentials for Roblox and the associated trading platform Rolimons.

It should be pointed out that SearchBlox has been available for download via the official Play Store on several different occasions. Since July 2022 that application has been removed at least once. This fact may signal that the SearchBlox may not have been created with ill-minded intentions from the very start but became weaponized at a later date. No matter what the case is, the browser extension has managed to rack up over 200, 000 downloads.

The SearchBlox variant will ask users for permission to access data either on the Roblox website only or on all visited pages. The goal of the unsafe extension is to collect login credentials for Roblox and Rolimons. If successful, the fraudsters can compromise the associated accounts and collect items or assets from them. Victims could experience serious financial losses, as Roblox items can be traded for real currency and have a monetary value.


SearchBlox may call the following URLs:



Most Viewed