More than 610,000 Roblox accounts were reportedly stolen. Was yours or your child’s among them? Ukrainian police arrested three individuals in Lviv who allegedly orchestrated one of the largest Roblox account theft operations to date.
Between October 2025 and January 2026, the hacking group is said to have compromised over 610,000 Roblox accounts, including at least 357 high-value “elite” accounts, making around $225,000 from selling access to them. The hackers distributed infostealing malware disguised as game-enhancement tools, harvested login credentials from infected devices, and sold accounts through a Russian website and closed online communities based on their value.
Read more…
Source: Malwarebytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- MGM Resorts estimates $100M loss due to cyber attack
October 6, 2023
MGM Resorts sent a letter to customers regarding the recent cyber incident that took place on Sept. 11. MGM Resorts stated that on or around Sept. 29, it determined that an unauthorized third party obtained the personal information of some of its customers on Sept. 11. The company also said it filed an 8-K form with ...
- Qakbot-affiliated actors distribute Ransom Knight malware despite infrastructure takedown
October 5, 2023
In a late August 2023 operation involving the FBI and many international partners, law enforcement agencies seized the infrastructure and cryptocurrency assets used by the Qakbot malware, dealing considerable damage to the group’s operations. Many people in the security industry wondered whether this would mean that the Qakbot affiliates were gone forever or just temporarily ...
- NSA and CISA Release Advisory on Top Ten Cybersecurity Misconfigurations
October 5, 2023
Today, the National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) released a joint cybersecurity advisory (CSA), NSA and CISA Red and Blue Teams Share Top Ten Cybersecurity Misconfigurations, which provides the most common cybersecurity misconfigurations in large organizations, and details the tactics, techniques, and procedures (TTPs) actors use to exploit these misconfigurations. The ...
- Clorox shares touch more than 5-year low on financial hit from cyber attack
October 5, 2023
Shares in Clorox were down 8.1% on Thursday, after hitting their lowest level since May 2018, after the cleaning supplies company’s warned that an August cyber attack would push it into a quarterly loss and slash up to 28% off its revenue. On Aug 14 Clorox said it took some systems offline after unauthorized activity disrupted ...
- Sony confirms cyber-attack exposed details of nearly 7000 current and former employees
October 5, 2023
Sony Interactive Entertainment has confirmed the personal information of 6,791 former and current employees was exposed as part of a cyber-attack in June. According to a report the data breach was carried out by the Clop ransomware group. Sony is now contacting anyone affected and is offering credit monitoring and identity restoration services. In correspondence notifying ...
- Rules of engagement issued to hacktivists after chaos
October 4, 2023
The International Committee of the Red Cross (ICRC) has, for the first time, published rules of engagement for civilian hackers involved in conflicts. The organisation warns unprecedented numbers of people are joining patriotic cyber-gangs since the Ukraine invasion. The eight rules include bans on attacks on hospitals, hacking tools that spread uncontrollably and threats that ...