Malware disguised as obby development toolkits and scripts are being distributed on GitHub, and Google is none the wiser.
Multiple blank repositories are ranking highly on Google search, with some results the outranking the Obby Wiki’s developer tooling and GitHub organization.
This is a notice to be wary of installing any development tooling relating to obbies and to never ever install and/or run an executable (or .exe) file in relation to obby development as these tools never need to access your desktop. A real development model or plugin will almost always be a Roblox model or on the Roblox Marketplace. The only Roblox-related development tooling ever to require executables are tools like Rojo, which these are not.
There are multiple repositories on GitHub with AI-generated feature-sets and descriptions that are not real in the slightest. So, what do they do? Well, they all link to a GitHub pages download website, which displays a download button leading to malware. This malware is almost always a zipped file with a password (to avoid static anti-malware analysis), that contains an infectious executable that compromises your system when run.
Multiple repositories have been reported to GitHub over a month ago, but no action has been taken. They claim their support is currently ‘under heavy traffic’.
And yes, Google, and specifically its AI product ‘Gemini’, tends to heavily promote these malware repositories, almost absurdly so. A simple search for the ObbyWiki GitHub yields nothing related to us, but instead this malware.
Here are some repositories and users we identified to be fake and spreading malware:
- MatsuoTR/obby-maker-pro-toolkit
- allz26/obby-ball-adventure-roblox
- HedayaKhalid/obby-race-royale-toolkit
- jfjfjgjfiej/obby-legends-toolkit
These bad actors additionally have their obfuscated GitHub pages malware-redirecting download button on their accounts as well.
Please stay safe and never trust these sites and suspicious zipped file downloads that require passwords.
The obby community is notoriously undocumented (besides a few well-known games), which leads AI like Google’s Gemini to poor sources like this clear malware. Literally, it recommends single file repos that are just plain malware. If you want to help improve this lack of public information, consider contributing to the Obby Wiki.
We also have a development tutorial for beginners that is completely safe and requires no executable downloads or other red flags! Check it out here: Get Started Making An Obby - Obby Wiki