More than 610,000 Roblox accounts were reportedly stolen. Was yours or your child’s among them? Ukrainian police arrested three individuals in Lviv who allegedly orchestrated one of the largest Roblox account theft operations to date.
Between October 2025 and January 2026, the hacking group is said to have compromised over 610,000 Roblox accounts, including at least 357 high-value “elite” accounts, making around $225,000 from selling access to them. The hackers distributed infostealing malware disguised as game-enhancement tools, harvested login credentials from infected devices, and sold accounts through a Russian website and closed online communities based on their value.
Read more…
Source: Malwarebytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- New Rorschach ransomware is the fastest encryptor seen so far
April 4, 2023
Following a cyberattack on a U.S.-based company, malware researchers discovered what appears to be a new ransomware strain with “technically unique features,” which they named Rorschach. Among the capabilities observed is the encryption speed, which, according to tests from the researchers, would make Rorschach the fastest ransomware threat today. Read more… Source: Bleeping Computer
- Uber driver info stolen yet again: This time from law firm
April 4, 2023
Uber has had more of its internal data stolen from a third party that suffered a security breach. This time, the personal info of the app’s drivers was swiped by miscreants from the IT systems of law firm Genova Burns. In a letter to affected drivers, the lawyers said they had looked into the intrusion, and ...
- Malaysia: Confirming cyber-attack, Immigration D-G says data not compromised
April 4, 2023
The Immigration Department’s official website is expected to be restored and accessible to the public later today after remedial action to an earlier cyber-attack, said Datuk Ruslin Jusoh. The Immigration director-general said the department took the website offline earlier in order to perform repairs as well as implement new security measures. Read more… Source: MSN News
- Hackers attack several Israeli university websites
April 4, 2023
The sites of Tel Aviv University, Hebrew University of Jerusalem, Ben-Gurion University of the Negev, Haifa University, Weizmann Institute of Science, Open University of Israel and Reichman University were among the sites inaccessible due to the cyberattack. The group posted a statement on its Telegram account, listing the attacked websites. “Infrastructure: Universities – Israel’s education sector ...
- Western Digital suffers cyber attack, shuts down systems
April 3, 2023
The company said on 3 April that it identified a network security incident on 26 March. It confirmed that an unauthorised third party gained access to a number of the company’s systems. After realising it had been breached, Western Digital enacted its incident response protocols and hired external security and forensic experts. Read more… Source: IT Pro
- Not just an infostealer: Gopuram backdoor deployed through 3CX supply chain attack
April 3, 2023
On March 29, Crowdstrike published a report about a supply chain attack conducted via 3CXDesktopApp, a popular VoIP program. Since then, the security community has started analyzing the attack and sharing their findings. The following has been discovered so far: The infection is spread via 3CXDesktopApp MSI installers. An installer for macOS has also been trojanized. The ...