More than 610,000 Roblox accounts were reportedly stolen. Was yours or your child’s among them? Ukrainian police arrested three individuals in Lviv who allegedly orchestrated one of the largest Roblox account theft operations to date.
Between October 2025 and January 2026, the hacking group is said to have compromised over 610,000 Roblox accounts, including at least 357 high-value “elite” accounts, making around $225,000 from selling access to them. The hackers distributed infostealing malware disguised as game-enhancement tools, harvested login credentials from infected devices, and sold accounts through a Russian website and closed online communities based on their value.
Read more…
Source: Malwarebytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Ghana’s EOCO collaborates with Nigeria’s EFCC in cybercrime fight
June 21, 2023
Ghana’s Economic and Organised Crime Office (EOCO) is fostering close collaboration with the Economic and Financial Crimes Commission (EFCC) of Nigeria in the fight against cybercrime. Combining survey results from INTERPOL showed an increase of 132 per cent in reported cybercrime between 2013 and 2015, with an average of USD2.7 million from businesses and USD422, 000 ...
- Hackers threaten to leak 80GB of confidential data stolen from Reddit
June 19, 2023
Hackers are threatening to release confidential data stolen from Reddit unless the company pays a ransom demand – and reverses its controversial API price hikes. In a post on its dark web leak site, the BlackCat ransomware gang, also known as ALPHV, claims to have stolen 80 gigabytes of compressed data from Reddit during a February ...
- Microsoft Azure and Outlook outages were caused by DDoS attacks
June 19, 2023
Microsoft has confirmed that outages to its Azure and Outlook services were caused by DDoS attacks, which the company puts down to the threat actor that it tracks as Storm-1359. This follows the tech giant’s new nomenclature for threats, whereby Storm denotes a group that is in development. Otherwise known as Anonymous Sudan, it is said ...
- Decade Old DDoS-for-Hire Service Taken Down, Administrators Arrested
June 19, 2023
Polish authorities took down a DDoS-for-hire service that’s been around for a decade following an investigation with support of the FBI, Europol and law enforcement agencies from Germany, Belgium and the Netherlands. DDoS attacks are always a nuisance, but they can inflict serious damage to companies and organizations. The simple fact that a webpage or a ...
- Military leaders warn U.S. must prepare for cyber, infrastructure threat
June 16, 2023
The United States must immediately get ready for domestic, cyber-enabled attacks on critical domestic infrastructure and guard against foreign-initiated information operations targeted at the American people, according to speakers and panelists at an Association of the U.S. Army symposium on Wednesday in Arlington, Virginia. Mark Bristow, director of the Cyber Infrastructure Protection Innovation Center (CIPIC) at ...
- Cyber attack results in data breach of all Louisiana driver licenses, IDs
June 16, 2023
Those with a Louisiana ID, registration or driver’s license could have their personal data exposed as a major cyber attack targeted the Louisiana Office of Motor Vehicles as well as other Government entities. According to the Governor’s Office of Homeland Security and Emergency Preparedness, the OMV was breached. The state says MOVEit – which is a ...