More than 610,000 Roblox accounts were reportedly stolen. Was yours or your child’s among them? Ukrainian police arrested three individuals in Lviv who allegedly orchestrated one of the largest Roblox account theft operations to date.
Between October 2025 and January 2026, the hacking group is said to have compromised over 610,000 Roblox accounts, including at least 357 high-value “elite” accounts, making around $225,000 from selling access to them. The hackers distributed infostealing malware disguised as game-enhancement tools, harvested login credentials from infected devices, and sold accounts through a Russian website and closed online communities based on their value.
Read more…
Source: Malwarebytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Greece leaves spy services unchecked on Predator hacks
August 7, 2024
Greece’s 2022 espionage scandal dubbed “Predatorgate” had everything: eavesdropping on politicians, journalists and judges, exports of shady software to dictatorial regimes and high-profile resignations. Fast-forward two years and everyone in government is off the hook. In a 300-page report seen by POLITICO, deputy prosecutor of the Supreme Court Achilles Zisis argued that a series of controversial ...
- Cloud Cover: How Malicious Actors Are Leveraging Cloud Services
August 7, 2024
The number of threat actors leveraging legitimate cloud services in their attacks has grown this year as attackers have begun to realize their potential to provide low-key and low-cost infrastructure. Traffic to and from well known, trusted services such as Microsoft OneDrive or Google Drive may be less likely to raise red flags than communications with ...
- UK: Port of Tyne website hit by cyber attack
August 7, 2024
A port has fallen victim to cyber attackers who targeted its website. The Port of Tyne confirmed its site was down for some time on Tuesday following a distributed denial of service (DDOS) attack, which attempts to overload a website to make it hard to use or inaccessible. A spokesman for the port said operational systems, ...
- INTERPOL: Police recover over USD 40 million from international email scam
August 6, 2024
LYON, France: A global stop-payment mechanism developed by INTERPOL has helped Singapore authorities make their largest ever recovery of funds defrauded in a business email compromise scam. On 23 July 2024, a commodity firm based in Singapore filed a police report stating that they had fallen victim to a business email compromise scam, in which a ...
- Kadokawa confirms data leak of 254,000 people due to cyberattack
August 6, 2024
Japanese publisher Kadokawa has confirmed a data leak affecting 254,241 people due to a cyberattack. The finding, announced Monday, is based on an investigation by third-party experts. Of the leaked data, information of 186,269 people was related to Kadokawa Dwango Educational Institute, including N High School, a correspondence school. Kadokawa reported the investigation results to the ...
- Chinese hackers hijacked an ISP software update to spread malware
August 5, 2024
Windows and macOS machines alike have been hit by malware after notorious Chinese hacker group StormBamboo used a compromised internet service provider (ISP) to target organizations with poisoned DNS responses. StormBamboo used altered DNS query responses tied to automatic update mechanisms to target organizations that used insecure update mechanisms that did not properly validate the digital ...