More than 610,000 Roblox accounts were reportedly stolen. Was yours or your child’s among them? Ukrainian police arrested three individuals in Lviv who allegedly orchestrated one of the largest Roblox account theft operations to date.
Between October 2025 and January 2026, the hacking group is said to have compromised over 610,000 Roblox accounts, including at least 357 high-value “elite” accounts, making around $225,000 from selling access to them. The hackers distributed infostealing malware disguised as game-enhancement tools, harvested login credentials from infected devices, and sold accounts through a Russian website and closed online communities based on their value.
Read more…
Source: Malwarebytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- DDoS Attack Trends for Q4 2021
January 11, 2022
The first half of 2021 witnessed massive ransomware and ransom DDoS attack campaigns that interrupted aspects of critical infrastructure around the world (including one of the largest petroleum pipeline system operators in the US) and a vulnerability in IT management software that targeted schools, public sector, travel organizations, and credit unions, to name a few. The ...
- California town announces data breach involving police department, loan provider
January 10, 2022
Grass Valley, California has announced an extensive data breach involving the Social Security numbers and more of all city employees and vendors — as well as anyone who had their information given to the local police department. The city said in a notice that Social Security numbers, driver’s license numbers, and health insurance information was leaked ...
- FBI: Cyber criminals are mailing out USB drives that install ransomware
January 10, 2022
A cybercrime group has been mailing out USB thumb drives in the hope that recipients will plug them into their PCs and install ransomware on their networks, according to the FBI. The USB drives contain so-called ‘BadUSB’ attacks. They were sent in the mail through the United States Postal Service and United Parcel Service. One type ...
- Abcbot botnet is linked to Xanthe cryptojacking group
January 10, 2022
Researchers have forged a “clear” link between the Abcbot botnet and a well-established cryptojacking cybercriminal group. First discovered In July 2021 by Netlab 360, the Abcbot botnet began as a simple scanner that used basic credential stuffing attacks and known vulnerability exploits to compromise vulnerable Linux systems. However, the developers quickly updated their creation to include self-update ...
- Night Sky is the latest ransomware targeting corporate networks
January 6, 2022
It’s a new year, and with it comes a new ransomware to keep an eye on called ‘Night Sky’ that targets corporate networks and steals data in double-extortion attacks. According to MalwareHunterteam, who first spotted the new ransomware, the Night Sky operation started on December 27th and has since published the data of two victims. One of ...
- Hackers are sending malicious links through Google Doc comment emails
January 6, 2022
Research from cybersecurity company Avanan has shown that hackers are increasingly using Google Docs’ productivity features to slip malicious content past spam filters and security tools. Avanan’s Jeremy Fuchs said that in December, the company saw cyberattackers using the comment feature in Google Docs and Google Slides to leverage attacks against Outlook users. “In this attack, hackers ...