More than 610,000 Roblox accounts were reportedly stolen. Was yours or your child’s among them? Ukrainian police arrested three individuals in Lviv who allegedly orchestrated one of the largest Roblox account theft operations to date.
Between October 2025 and January 2026, the hacking group is said to have compromised over 610,000 Roblox accounts, including at least 357 high-value “elite” accounts, making around $225,000 from selling access to them. The hackers distributed infostealing malware disguised as game-enhancement tools, harvested login credentials from infected devices, and sold accounts through a Russian website and closed online communities based on their value.
Read more…
Source: Malwarebytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- PayPal and Twitter abused in Turkey relief donation scams
February 9, 2023
Scammers are now exploiting the ongoing humanitarian crisis in Turkey and Syria: this time stealing donations by abusing legitimate platforms like PayPal and Twitter. This week, high magnitude earthquakes claimed more than 15,000 lives, caused extensive infrastructural damage and disrupted network connectivity across the Middle East and Mediterranean region. Read more… Source: Bleeping Computer
- UK government “left council to deal with ransomware attack” that cost £11m
February 9, 2023
The government left Redcar and Cleveland Borough Council to fight a massive ransomware attack alone for a week, with minimal support or correspondence, the council’s leader has said. Mary Lanigan told MPs yesterday that while police and cybercrime officers were on site within two days, help from Westminster was lacking. Recovering from the incident cost ...
- UK cracks down on ransomware actors
February 9, 2023
Seven Russian nationals have assets frozen and travel bans imposed ransomware is a tier 1 national security threat, with attacks against businesses and public sector organisations increasingly common. Recent victims include UK schools, local authorities and firms – whilst internationally the Irish Health Service Executive, Costa Rican government and American healthcare providers were targeted new campaign of ...
- ‘Real arms race’ on defending Irish health system against cyber attacks
February 9, 2023
There is a “real arms race” between cyber attackers and efforts to defend Irish health systems, a committee has heard. The Public Accounts Committee also heard that 32,000 letters had been issued in recent weeks to patients, clients and staff affected by the 2021 Health Service Executive (HSE) cyber attack. Read more… Source: independent.ie
- Enigma Stealer Targets Cryptocurrency Industry with Fake Jobs
February 9, 2023
Trend Micro researchers recently found an active campaign that uses a fake employment pretext targeting Eastern Europeans in the cryptocurrency industry to install an information stealer. In this campaign, the suspected Russian threat actors use several highly obfuscated and under-development custom loaders to infect those involved in the cryptocurrency industry with the Enigma Stealer (detected ...
- Beyond the basics: Implementing an active defense
February 9, 2023
Having an active defense posture, where the defenders actively use threat intelligence and their own environment telemetry to uncover potential compromises, is the next stage in the cyber security maturity road. Instead of waiting for detections to trigger, defenders can take initiative and hunt down threat actors inside their environment, putting a halt to their ...