Keyloggers are programs that log every key a person types and send it to the creator of the keylogger typically via email. On ROBLOX, they are often used to steal other player's accounts. Oftentimes, within OT, suspicious links and links that automatically download have been accused of being a keylogger

A usual sign that you are being keylogged

Confusion with Phishing

Keyloggers and phishing sites are often confused. Keyloggers are typically downloadable .exe or .mx files. The user initiates the keylogger by downloading and running the file. Phishing sites, on the other hand, require users to manually input their information. These sites oftentimes appear very similar to the authentic sites they are trying to mimic as a way to trick players into inputting their information.

Notable Keyloggers


Some time in March 2014, a user named Rainb0wcrash posted links that led to phishing websites on many subforms, including OT, C&G, and RT. Many OT'ers fell for this phishing scam, such as EminentDoom, though Rainb0wcrash was eventually deleted because of this.To other OT'ers, this incident is known at the March 2014 Keylogger Attacks.


PhantomFog also posted links that led to phishing websites on multiple subforums. Like with the March 2014 Keylogger Attacks, many OT'ers lost their accounts due to this keylogger. Even though PhantomFog was deleted for his actions, much of OT no longer trusts .mx files.

Supposed Leaked ROBLOX Items/Updates

Some accounts have posted suspicious links that supposedly lead to a leaked item or private announcement from ROBLOX, and they have often been accused of being a keylogger. Like most keyloggers, goingg to the link automatically downloads a file.

OTSlums Keylogger Controversy

In late June 2014, DignityHQ started using an alt to advertise a spinoff called OTSlums. Later on in the day, boynedmaster claimed it was a keylogger and posted a picture of his task manager with what appears to be two winlogon.exe processes

The site it was hosted on, x10, suspended the account and the site. DignityHQ later received an email saying that it was un-suspended, and that no malicious files were found; he even posted a picture of it to people who still think it was a keylogger

Supposedly, it was stated that boyned renamed chrome.exe in task manager to winlogon.exe so that it looked like it was a keylogger, as shown in a Skype chat, but the one posting the Skype chat said the chat was faked. The controversy still goes on today. Some who still think it's a keylogger accuse those who say it isn't due to the proof of being PG'd by DignityHQ. There is no answer yet.