More than 610,000 Roblox accounts were reportedly stolen. Was yours or your child’s among them? Ukrainian police arrested three individuals in Lviv who allegedly orchestrated one of the largest Roblox account theft operations to date.
Between October 2025 and January 2026, the hacking group is said to have compromised over 610,000 Roblox accounts, including at least 357 high-value “elite” accounts, making around $225,000 from selling access to them. The hackers distributed infostealing malware disguised as game-enhancement tools, harvested login credentials from infected devices, and sold accounts through a Russian website and closed online communities based on their value.
Read more…
Source: Malwarebytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Threat Recap: Darkside, Crysis, Negasteal, Coinminer
August 19, 2020
In the past few weeks, we have spotted notable developments for different types of threats. For ransomware, a new family named Darkside surfaced, while operators behind Crysis/Dharma released a hacking toolkit. For messaging threats, a targeted email campaign was used to propagate Negasteal/Agent Tesla. Finally, for fileless threats, a coinminer was seen bundled with legitimate applications. Read ...
- Phishing scams dominate the Philippines cybercrime landscape
August 19, 2020
Cybercrime in the Philippines is on a rapid rise, with phishing campaigns alone up 200% since the country went into lockdown in March In today’s highly-digitalized society, wanton cybercrimes have proven to be difficult to eradicate, and the cyberattack threat matrix just got riskier when recent quarantine and lockdown restrictions forced everyone indoors. Not only did ...
- Ukraine arrests gang who ran 20 crypto-exchanges and laundered money for ransomware gangs
August 18, 2020
Law enforcement in Ukraine has announced today the arrest of a cybercrime gang who ran 20 cryptocurrency exchanges where they laundered more than $42 million in funds for criminal groups. The group, which authorities said had three members, has been operating from Ukraine’s Poltava region since 2018. According to Ukrainian officials, the group has advertised its ...
- Dharma RaaS is ‘targeting and menacing’ SMBs
August 17, 2020
Dharma ransomware as-a-service (RaaS), which is among the world’s most popular, is being used predominantly to target small and medium-sized businesses (SMBs), according to a new report from Sophos. Offers as a service, Dharma ransomware is available to whoever is willing to pay for its use. User groups (called affiliates) rely “almost entirely” on a menu-driven ...
- Nigeria: Military Personnel Arrested For Cybercrime In Lagos
August 17, 2020
Lance Corporal Ajayi Kayode, a serving military personnel in Lagos State, has been arrested for alleged Internet fraud. Kayode was arrested in the Lekki axis of the state by operatives of the Economic and Financial Crimes Commission. The soldier, who was arrested alongside 26 others, said he was still learning “yahoo yahoo” (Internet fraud) from his friends ...
- World’s largest cruise line operator Carnival hit by ransomware
August 17, 2020
Cruise line operator Carnival Corporation has disclosed that one of their brands suffered a ransomware attack over the past weekend. Carnival Corporation is the largest cruise operator in the world with over 150,000 employees and 13 million guests annually. The cruise line operates under the brands Carnival Cruise Line, Costa, P&O Australia, P&O Cruises, Princess Cruises, ...