More than 610,000 Roblox accounts were reportedly stolen. Was yours or your child’s among them? Ukrainian police arrested three individuals in Lviv who allegedly orchestrated one of the largest Roblox account theft operations to date.
Between October 2025 and January 2026, the hacking group is said to have compromised over 610,000 Roblox accounts, including at least 357 high-value “elite” accounts, making around $225,000 from selling access to them. The hackers distributed infostealing malware disguised as game-enhancement tools, harvested login credentials from infected devices, and sold accounts through a Russian website and closed online communities based on their value.
Read more…
Source: Malwarebytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Iran accelerates cyber ops against Israel from chaotic start
February 6, 2024
Since Hamas attacked Israel in October 2023, Iranian government-aligned actors have launched a series of cyberattacks and influence operations (IO) intended to help the Hamas cause and weaken Israel and its political allies and business partners. Many of Iran’s immediate operations after October 7 were hasty and chaotic – indicating it had little or no coordination ...
- Washington recruited private hackers for help. Far-right pressure is pushing them away
February 6, 2024
Some of the country’s top cybersecurity experts who’ve been helping protect critical networks say they’re quietly retreating from a highly touted government partnership, citing frustrations with its management and pressure from conservative critics. The Cybersecurity and Infrastructure Security Agency launched the initiative — known as the Joint Cyber Defense Collaborative — in 2021 to enlist outside ...
- Dead-end job
February 6, 2024
In November 2023, Group-IB’s Threat Intelligence unit detected a massive malicious campaign targeting employment agencies and retail companies primarily located in the APAC region, to steal and sell sensitive user data. The campaign was attributed to a previously unknown group. Due to the threat actor’s focus on job search platforms and the theft of resumes, Group-IB ...
- AnyDesk confirms cyber attack, revokes certificates as hackers infiltrate systems
February 5, 2024
AnyDesk has confirmed it suffered a cyberattack in which hackers were able to compromise its production systems. In a press release published on the company’s website, the remote access provider said it spotted the attack after seeing “indications of an incident” in some of its systems. Subsequent investigation uncovered compromise in the company’s production systems, it ...
- Python Info-stealer Distributed by Malicious Excel Document
February 5, 2024
In January 2024, FortiGuard Labs obtained an Excel document distributing an info-stealer. From the fingerprints in this attack, it is related to a Vietnamese-based group that was first reported on in August 2023 and again in September. The attack stages before the info-stealer are simple downloaders that increase the difficulty of detection. This article introduces each stage ...
- Oman sees surge in cyber crimes
February 5, 2024
The Public Prosecution in Oman has revealed that there were 140 cases of cybercrime in 2023, compared to 126 in 2022 while cases related to online content increased to 2,686 in 2023 from 2,519 in 2022. These cases included misusing financial cards, attempting, assisting, or agreeing to commit information technology fraud. Cases involving a violation of ...