More than 610,000 Roblox accounts were reportedly stolen. Was yours or your child’s among them? Ukrainian police arrested three individuals in Lviv who allegedly orchestrated one of the largest Roblox account theft operations to date.
Between October 2025 and January 2026, the hacking group is said to have compromised over 610,000 Roblox accounts, including at least 357 high-value “elite” accounts, making around $225,000 from selling access to them. The hackers distributed infostealing malware disguised as game-enhancement tools, harvested login credentials from infected devices, and sold accounts through a Russian website and closed online communities based on their value.
Read more…
Source: Malwarebytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Exchange Servers Under Active Attack via ProxyShell Bugs
August 15, 2021
Researchers’ Microsoft Exchange server honeypots are being actively exploited via ProxyShell: The name of an attack disclosed at Black Hat last week that chains three vulnerabilities to enable unauthenticated attackers to perform remote code execution (RCE) and snag plaintext passwords. In his Black Hat presentation last week, Devcore principal security researcher Orange Tsai said that a ...
- Cyberattackers Embrace CAPTCHAs to Hide Phishing, Malware
August 13, 2021
Cyberattackers are using Google’s reCAPTCHA (aka the “I am not a robot” function) and fake CAPTCHA-like services to obscure various phishing and other campaigns, according to researchers. There are signs however that those evasion efforts may be losing their efficacy. CAPTCHAs are familiar to most internet users as the challenges that are used to confirm that ...
- SynAck ransomware group releases decryption keys as they rebrand to El_Cometa
August 13, 2021
The SynAck ransomware gang has released decryption keys for victims that were infected between July 2017 and 2021, according to data obtained by The Record. SynAck is in the process of rebranding itself as the El_Cometa ransomware gang, and a member of the old group gave the keys to The Record. Emsisoft’s Michael Gillespie confirmed the veracity ...
- IT threat evolution Q2 2021
August 12, 2021
It is quite common for Chinese-speaking threat actors to share tools and methodologies: one such example is the infamous “DLL side-loading triad”: a legitimate executable, a malicious DLL to be side-loaded by it and an encoded payload, generally dropped from a self-extracting archive. This was first thought to be a signature of LuckyMouse, but we ...
- Notorious AlphaBay darknet market comes back to life
August 12, 2021
The AlphaBay darkweb market has come back to life after an administrator of the original project relaunched it over the weekend. At the same time, the admin announced plans for setting up a platform for darknet markets to set up shop with a strong focus on anonymity. Read more… Source: Bleeping Computer
- Cryptocurrency heist hacker returns $260m in funds
August 12, 2021
The hacker behind one of the largest cryptocurrency heists to date has returned almost half of the $600m (£433m) stolen assets. On Tuesday, the firm affected, Poly Network wrote a letter on Twitter, asking the individual to get in touch “to work out a solution”. The hacker then posted messages pledging to return funds, claiming to be ...