More than 610,000 Roblox accounts were reportedly stolen. Was yours or your child’s among them? Ukrainian police arrested three individuals in Lviv who allegedly orchestrated one of the largest Roblox account theft operations to date.
Between October 2025 and January 2026, the hacking group is said to have compromised over 610,000 Roblox accounts, including at least 357 high-value “elite” accounts, making around $225,000 from selling access to them. The hackers distributed infostealing malware disguised as game-enhancement tools, harvested login credentials from infected devices, and sold accounts through a Russian website and closed online communities based on their value.
Read more…
Source: Malwarebytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Ransomware Attacks on Gaming Industry – A CISO Perspective
September 19, 2023
The gaming industry is experiencing a surge in cyber attacks because of its vast reservoirs of sensitive customer information, financial transactions, and interconnected operations. Zscaler’s ThreatLabz threat research team reported earlier this year that ransomware attacks had grown 37% overall year-over-year, with the average cost of an attack reaching a whopping $5.3M. The Department of Homeland ...
- Hackers who breached casino giants MGM, Caesars also hit 3 other firms, Okta says
September 19, 2023
Hackers who breached casino giants MGM Resorts International and Caesars Entertainment in recent weeks also broke into the systems of three other companies in the manufacturing, retail, and technology space, a security executive familiar with the matter said. David Bradbury, chief security officer of the identity management company Okta, said five of the company’s clients, including ...
- One of the FBI’s most wanted hackers is trolling the U.S. government
September 18, 2023
Earlier this year, the U.S. government indicted Russian hacker Mikhail Matveev, also known by his online monikers “Wazawaka” and “Boriselcin,” accusing him of being “a prolific ransomware affiliate” who carried out “significant attacks” against companies and critical infrastructure in the U.S. and elsewhere. The feds also accused him of being a “central figure” in the development ...
- Latest evolution of ‘pig butchering’ scam lures victim into fake mining scheme
September 18, 2023
Crypto fraud has become the dominant form of Internet-based confidence schemes over the past three years, as demonstrated by the sha zhu pan (“pig butchering”) scams Sophos researchers recently investigated. But one variant has been growing at a particularly rapid pace: fake “liquidity mining.” Sophos X-Ops has also seen growth in crypto phishing sites that connect ...
- HWL Ebsworth hack: 65 Australian government agencies affected by cyber-attack
September 18, 2023
Sixty-five Australian government departments and agencies were victims of the cyber-attack on legal firm HWL Ebsworth, the national cybersecurity coordinator has revealed. In a speech on Monday, Air Marshal Darren Goldie also revealed that some people and clients with personal information exposed in the hack have yet to be informed. The Russian-linked ALPHV/BlackCat ransomware group hacked the law ...
- Kuwait’s finance ministry says cyberattack hit one of its systems
September 18, 2023
Kuwait’s finance ministry said on Monday that one of its systems had suffered a cyberattack in the early morning but that the ministry continued to work normally. The ministry said in a statement that protection systems and procedures had been activated and “the level of the hacking attempt is being assessed.” Read more… Source: Alarabiya News