With a minimalist design and official-looking domain, users were tricked into entering their account credentials.
The creator of this phishing website was Bannana97, a popular user at the time who had multiple successful games. After the phishing site's demise, he posted some information about the scam on his own website.
He used the funds from the phishing scam toward an "ad domination" group, which successfully took over the ad system for less than a day before his account was terminated. His alternate accounts, including HolyBanana and AceBailey, were also deleted.
There is much speculation about the website, how it was built, and how it worked. It is believed to have been programmed in the PHP programming language (Bannana97 claims to be a PHP developer).
Despite rumors that the site was completely automated, this is untrue. The site did automatically logged into user accounts, but this was only to record their currency. The actual theft of currency was a manual process.
- The site was innovative because of its automation, which effectively made it more efficient and effective.
- According to its creator, the total amount of currency actually stolen was (at most) valued around 45,000 R$.
- Rumors claim that the database containing usernames and passwords was leaked, but there's currently no evidence to confirm or deny this.
- The site was launched on a Friday evening, which meant Roblox wasn't aware of the phishing site until Monday morning.
- The total amount of Tix and R$ of all users in the database is believed to be around 60 million Tix and 850,000 R$.
<ref>tags exist, but no
<references/>tag was found