More than 610,000 Roblox accounts were reportedly stolen. Was yours or your child’s among them? Ukrainian police arrested three individuals in Lviv who allegedly orchestrated one of the largest Roblox account theft operations to date.
Between October 2025 and January 2026, the hacking group is said to have compromised over 610,000 Roblox accounts, including at least 357 high-value “elite” accounts, making around $225,000 from selling access to them. The hackers distributed infostealing malware disguised as game-enhancement tools, harvested login credentials from infected devices, and sold accounts through a Russian website and closed online communities based on their value.
Read more…
Source: Malwarebytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Notorious data leak site BreachForums seized by law enforcement
May 15, 2024
BreachForums—probably the largest dark web marketplace for stolen data to be leaked and sold—has been seized by law enforcement.Now, both the regular and the TOR domain of BreachForums are plastered with a message telling visitors the site is now under control of the FBI. Raidforums ran from early 2015 until February 2022. The first iteration of ...
- Threat actors misusing Quick Assist in social engineering attacks leading to ransomware
May 15, 2024
Since mid-April 2024, Microsoft Threat Intelligence has observed the threat actor Storm-1811 misusing the client management tool Quick Assist to target users in social engineering attacks. Storm-1811 is a financially motivated cybercriminal group known to deploy Black Basta ransomware. The observed activity begins with impersonation through voice phishing (vishing), followed by delivery of malicious tools, including ...
- Man convicted following complex two year cybercrime investigation by Police Scotland
May 15, 2024
A 21-year-old man from West Dunbartonshire has been convicted of creating, selling and supporting an online computer system with the capability of bringing down websites. Detective Chief Inspector Andy Maclean, of Police Scotland’s Cybercrime Investigations Unit, said: “Tagore supplied a tool used by his customers to carry out Distributed Denial of Services (DDOS) attacks. These are ...
- Massive COMB data breach reveals info on over a billion people
May 14, 2024
Someone is combining information on Chinese citizens leaked in different data breaches into a single database, and has so far made more than 1.2 billion records. This compilation of many breaches (COMB) contains plenty of sensitive user information, including phone numbers, postal addresses, ID card numbers, and more. Researchers claim they spotted an unprotected database on ...
- Christie’s £670m art auctions hit by cyber attack
May 14, 2024
Auction house Christie’s attempts to sell art and other high-value items worth an estimated $840m (£670m) are being hampered by a cyber attack. Lots ranging from a Vincent van Gogh painting, valued at $35m, to rare wine are going under the hammer in its spring auctions. Would-be buyers are unable to view them on its website ...
- Ireland: More than 470 legal proceedings issued against health service after ransomware hit
May 14, 2024
More than 470 legal proceedings have been issued against the Health Service Executive (HSE) in relation to a cyber attack that shutdown the health service’s IT systems and compromised the data of thousands of patients and staff three years ago. Conti, a Russia-based cybercrime group, launched its ransomware attack on the health service on May 14th, ...