More than 610,000 Roblox accounts were reportedly stolen. Was yours or your child’s among them? Ukrainian police arrested three individuals in Lviv who allegedly orchestrated one of the largest Roblox account theft operations to date.
Between October 2025 and January 2026, the hacking group is said to have compromised over 610,000 Roblox accounts, including at least 357 high-value “elite” accounts, making around $225,000 from selling access to them. The hackers distributed infostealing malware disguised as game-enhancement tools, harvested login credentials from infected devices, and sold accounts through a Russian website and closed online communities based on their value.
Read more…
Source: Malwarebytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Corporate website contact forms used to spread BazarBackdoor malware
March 10, 2022
The stealthy BazarBackdoor malware is now being spread via website contact forms rather than typical phishing emails to evade detection by security software. BazarBackdoor is a stealthy backdoor malware created by the TrickBot group and is now under development by the Conti ransomware operation. This malware provides threat actors remote access to an internal device that ...
- DOJ: Ukrainian ransomware suspect extradited from Poland to face charges in Texas
March 10, 2022
A Ukrainian national accused of a major ransomware attack will face charges in Texas after his extradition from Poland, the Justice Department announced Wednesday. Yaroslav Vasinskyi, 22, is charged with unleashing ransomware known as Sodinokibi/REvil against companies including Kaseya, a multi-national information software company, and demanding $70 million in ransom, according to his August 2021 indictment. REvil ...
- Latin e-commerce giant Mercado Libre hacked
March 10, 2022
Latin American e-commerce company Mercado Libre had its systems hacked in an incident that exposed information related to 300,000 users of the platform. The NASDAQ-listed company disclosed the incident in an 8-K filing to the US Securities and Exchange Commission, noting that part of its source code had been subject to unauthorized access, exposing user data. The ...
- New Nokoyawa Ransomware Possibly Related to Hive
March 9, 2022
Hive, which is one of the more notable ransomware families of 2021, made waves in the latter half of the year after breaching over 300 organizations in just four months — allowing the group to earn what could potentially be millions of US dollars in profit. In March 2022, we came across evidence that another, ...
- CISA: Conti ransomware update
March 9, 2022
CISA, the Federal Bureau of Investigation (FBI), the National Security Agency (NSA), and the United States Secret Service (USSS) have re-released an advisory on Conti ransomware. Conti cyber threat actors remain active and reported Conti ransomware attacks against U.S. and international organizations have risen to more than 1,000. CISA, the FBI, NSA, and the USSS encourage ...
- ENISA: Incidents Handling and Cybercrime Investigations
March 8, 2022
The European Union Agency for Cybersecurity (ENISA) explores how CSIRTs, law enforcement agencies and the judiciary cooperate and how they can train together to better tackle cyber incidents and respond to cybercrime. The report published today facilitates the cooperation between CSIRTs and law enforcement agencies (LEAs) and looks into their interaction with the judiciary (judges and ...