More than 610,000 Roblox accounts were reportedly stolen. Was yours or your child’s among them? Ukrainian police arrested three individuals in Lviv who allegedly orchestrated one of the largest Roblox account theft operations to date.
Between October 2025 and January 2026, the hacking group is said to have compromised over 610,000 Roblox accounts, including at least 357 high-value “elite” accounts, making around $225,000 from selling access to them. The hackers distributed infostealing malware disguised as game-enhancement tools, harvested login credentials from infected devices, and sold accounts through a Russian website and closed online communities based on their value.
Read more…
Source: Malwarebytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- New Android banking malware remotely takes control of your device
April 9, 2022
A new Android banking malware named Octo has appeared in the wild, featuring remote access capabilities that allow malicious operators to perform on-device fraud. Octo is an evolved Android malware based on ExoCompact, a malware variant based on the Exo trojan that quit the cybercrime space and had its source code leaked in 2018. The new variant ...
- Finnish govt websites knocked down as Ukraine President addresses MPs
April 9, 2022
Cyberattacks took down Finnish government websites on Friday while Ukrainian President Volodymyr Zelenskyy addressed Finland’s members of parliament (MPs). Denial-of-service (DoS) attacks hit Finland’s ministries of Defense and Foreign Affairs’ websites around noon local time. About an hour later, both government agencies tweeted that the websites were back up and running. The Finnish Ministry of Foreign Affairs ...
- Hackers use Conti’s leaked ransomware to attack Russian companies
April 9, 2022
A hacking group used the Conti’s leaked ransomware source code to create their own ransomware to use in cyberattacks against Russian organizations. While it is common to hear of ransomware attacks targeting companies and encrypting data, we rarely hear about Russian organizations getting attacked similarly. This lack of attacks is due to the general belief by Russian ...
- FIN7 hacking group member sentenced to five years behind bars
April 8, 2022
A Ukrainian national has been sentenced as a member of the FIN7 hacking group. On Thursday, the US Department of Justice (DoJ) announced the sentencing of Denys Iarmak to five years in prison for working as a FIN7 penetration tester. FIN7, also known as Carbanak, is a prolific cybercriminal group that focuses on financial theft. Active since ...
- A Bad Luck BlackCat
April 7, 2022
In early December 2021, a new ransomware actor started advertising its services on a Russian underground forum. They presented themselves as ALPHV, a new generation Ransomware-as-a-Service (RaaS) group. Shortly afterwards, they dialed up their activity, infecting numerous corporate victims around the world. The group is also known as BlackCat. One of the biggest differences from other ...
- Conti gang is still in business, despite its own massive data leak
April 6, 2022
The Conti ransomware gang is still actively running campaigns against victims around the world, despite the inner workings of the group being revealed by data leaks. One of the most prolific ransomware groups of the last year, Conti has encrypted networks of hospitals, businesses, government agencies and more – in many cases, receiving a significant ransom ...