More than 610,000 Roblox accounts were reportedly stolen. Was yours or your child’s among them? Ukrainian police arrested three individuals in Lviv who allegedly orchestrated one of the largest Roblox account theft operations to date.
Between October 2025 and January 2026, the hacking group is said to have compromised over 610,000 Roblox accounts, including at least 357 high-value “elite” accounts, making around $225,000 from selling access to them. The hackers distributed infostealing malware disguised as game-enhancement tools, harvested login credentials from infected devices, and sold accounts through a Russian website and closed online communities based on their value.
Read more…
Source: Malwarebytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Mr. Cooper leaks personal data of 14 million loan and mortgage customers
December 19, 2023
A major mortgage and loan company based in Dallas, working under the name Mr. Cooper Group Inc. has released more information on a recent breach. In a data breach notification, the company didn’t say what type of cyberattack caused the compromise of customer data, calling it a rather non-descriptive “External system breach (hacking).” For those unfamiliar ...
- Europol publishes IOCTA spotlight report on online fraud schemes
December 19, 2023
Europol’s spotlight report on online fraud highlights that online fraud schemes represent a major crime threat in the EU and beyond as online fraudsters generate multiple billions in illicit profits every year to the detriment of individuals, companies and public institutions. Fraud schemes are perpetrated with the intention of defrauding victims of their assets using false ...
- A Log4Shell Retrospective – Overblown and Exaggerated
December 18, 2023
Two years ago, CVE-2021-44228 sent the security industry into a panic. The vulnerability, better known as Log4Shell, had security professionals working overtime through the holidays hunting down vulnerable log4j libraries. At the time, there was fear and confusion around what software was affected, which were exploitable, and where attackers would attack next. The reality was that ...
- Xfinity discloses a data breach but doesn’t say how many users are affected
December 18, 2023
Xfinity is notifying customers of a “data security incident” it says resulted in the theft of customer information, including usernames, passwords, contact information, and more. In a notice on Monday, Xfinity says “there was unauthorized access” to its systems from October 16th to October 19th, 2023. Xfinity traces the breach to a security vulnerability disclosed by ...
- Coverage Advisory for CVE-2023-50164: Apache Struts Path Traversal and File Upload Vulnerability
December 18, 2023
CVE-2023-50164 is a path traversal flaw that allows a remote attacker to upload malicious files to vulnerable servers. After successful exploitation, an attacker can achieve Remote Code Execution (RCE) on the target server. An attacker exploiting such a vulnerability can access, upload, or modify important files, steal sensitive information, disrupt critical services, or move laterally on ...
- #StopRansomware: Play Ransomware
December 18, 2023
The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) are releasing this joint CSA to disseminate the Play ransomware group’s IOCs and TTPs identified through FBI investigations as recently as October 2023. Since June 2022, the Play (also known as Playcrypt) ransomware group ...