More than 610,000 Roblox accounts were reportedly stolen. Was yours or your child’s among them? Ukrainian police arrested three individuals in Lviv who allegedly orchestrated one of the largest Roblox account theft operations to date.
Between October 2025 and January 2026, the hacking group is said to have compromised over 610,000 Roblox accounts, including at least 357 high-value “elite” accounts, making around $225,000 from selling access to them. The hackers distributed infostealing malware disguised as game-enhancement tools, harvested login credentials from infected devices, and sold accounts through a Russian website and closed online communities based on their value.
Read more…
Source: Malwarebytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- MailChimp discloses new breach after employees got hacked
January 18, 2023
Email marketing firm MailChimp suffered another breach after hackers accessed an internal customer support and account administration tool, allowing the threat actors to access the data of 133 customers. MailChimp says the attackers gained access to employee credentials after conducting a social engineering attack on Mailchimp employees and contractors. Read more… Source: Bleeping Computer
- Gone Phishing: Hunting for Malicious Industrial-Themed Emails to Prevent Operational Technology Compromises
January 17, 2023
Phishing is one of the most common techniques used to deliver malware and gain access to target networks. This is not only because of its simplicity and scalability, but also because of its efficiency in exploiting vulnerabilities in human behavior. Despite the existence of sophisticated detection tooling and security awareness of phishing techniques, defenders across ...
- Hackers can use GitHub Codespaces to host and deliver malware
January 17, 2023
Researchers have demonstrated how threat actors can abuse the GitHub Codespaces’ port forwarding’ feature to host and distribute malware and malicious scripts. GitHub Codespaces allows developers to deploy cloud-hosted IDE platforms in virtualized containers to write, edit, and test/run code directly within a web browser. Read more… Source: Bleeping Computer
- Nissan North America data breach caused by vendor-exposed database
January 17, 2023
Nissan North America has begun sending data breach notifications informing customers of a breach at a third-party service provider that exposed customer information. The security incident was reported to the Office of the Maine Attorney General on Monday, January 16, 2023, where Nissan disclosed that 17,998 customers were affected by the breach. Read more… Source: Bleeping Computer
- Ransomware has now become a problem for everyone, and not just tech
January 15, 2023
It’s a new year, a time when many people look to turnover a new leaf and make some positive changes. Sadly, not everyone. In particular, it seems that ransomware gangs show no signs of letting up on their criminal activity in 2023. Then again, why would they? Read more… Source: ZDNet
- NortonLifeLock warns that hackers breached Password Manager accounts
January 13, 2023
Gen Digital, formerly Symantec Corporation and NortonLifeLock, is sending data breach notifications to customers, informing them that hackers have successfully breached Norton Password Manager accounts in credential-stuffing attacks. According to a letter sample shared with the Office of the Vermont Attorney General, the attacks did not result from a breach on the company but from account ...