More than 610,000 Roblox accounts were reportedly stolen. Was yours or your child’s among them? Ukrainian police arrested three individuals in Lviv who allegedly orchestrated one of the largest Roblox account theft operations to date.
Between October 2025 and January 2026, the hacking group is said to have compromised over 610,000 Roblox accounts, including at least 357 high-value “elite” accounts, making around $225,000 from selling access to them. The hackers distributed infostealing malware disguised as game-enhancement tools, harvested login credentials from infected devices, and sold accounts through a Russian website and closed online communities based on their value.
Read more…
Source: Malwarebytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- BlackCat malware lashes out at US defense IT contractor
October 2, 2022
The BlackCat ransomware gang, also known as ALPHV, has allegedly broken into IT firm NJVC, a provider of services to civilian US government agencies and the Department of Defense. DarkFeed, which monitors the dark web for ransomware intelligence, tweeted this week that BlackCat had added NJVC to its victims’ list, along with sharing a screenshot allegedly ...
- Lazarus hackers abuse Dell driver bug using new FudModule rootkit
October 1, 2022
The notorious North Korean hacking group ‘Lazarus’ was seen installing a Windows rootkit that abuses a Dell hardware driver in a Bring Your Own Vulnerable Driver attack. The spear-phishing campaign unfolded in the autumn of 2021, and the confirmed targets include an aerospace expert in the Netherlands and a political journalist in Belgium. According to ESET, which ...
- BEC attacks: Most victims aren’t using multi-factor authentication – apply it now and stay safe
September 29, 2022
There has been a big rise in Business Email Compromise (BEC) attacks – and most victims work at organisations which weren’t using multi-factor authentication (MFA) to secure their accounts. BEC attacks are one of the most lucrative forms of cyber crime: according to the FBI, the combined total lost is over $43 billion and counting, with ...
- Upgraded Prilex Point-of-Sale malware bypasses credit card security
September 29, 2022
Security analysts have observed three new versions of Prilex PoS-targeting malware this year, indicating that its authors and operators are back in action. Prilex started as ATM-focused malware in 2014 and it pivoted to PoS (point of sale) devices in 2016. While development and distribution peaked in 2020, the malware disappeared in 2021. Kaspersky analysts now report ...
- Singapore firms see 54 cybersecurity incidents daily, struggle to keep up
September 29, 2022
The cybersecurity threat landscape is evolving so quickly companies in Singapore are finding it tough to keep up. Half feel “inundated” by an endless stream of cyber attacks, describing this as one of their biggest work frustrations. Just 25% of cybersecurity professionals in Singapore felt “very confident” in their organisation’s ability to adapt to new threats, ...
- Prilex: the pricey prickle credit card complex
September 28, 2022
Prilex is a Brazilian threat actor that has evolved out of ATM-focused malware into modular point-of-sale malware. The group was behind one of the largest attacks on ATMs in the country, infecting and jackpotting more than 1,000 machines, while also cloning in excess of 28,000 credit cards that were used in these ATMs before the ...