More than 610,000 Roblox accounts were reportedly stolen. Was yours or your child’s among them? Ukrainian police arrested three individuals in Lviv who allegedly orchestrated one of the largest Roblox account theft operations to date.
Between October 2025 and January 2026, the hacking group is said to have compromised over 610,000 Roblox accounts, including at least 357 high-value “elite” accounts, making around $225,000 from selling access to them. The hackers distributed infostealing malware disguised as game-enhancement tools, harvested login credentials from infected devices, and sold accounts through a Russian website and closed online communities based on their value.
Read more…
Source: Malwarebytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- ‘Keeper’ hacking group behind hacks at 570 online stores
July 7, 2020
A hacking group known as “Keeper” is responsible for security breaches at more than 570 online e-commerce portals over the last three years. The Keeper gang broke into online store backends, altered their source code, and inserted malicious scripts that logged payment card details entered by shoppers in checkout forms. These types of attacks are what the ...
- Purple Fox EK Adds Microsoft Exploits to Arsenal
July 6, 2020
The Purple Fox exploit kit (EK) has added two new exploits targeting critical- and high-severity Microsoft vulnerabilities to its bag of tricks – and researchers say they expect more attacks to be added in the future. The Purple Fox EK was previously analyzed in September, when researchers said that it appears to have been built to replace the Rig ...
- This is how EKANS ransomware is targeting industrial control systems
July 2, 2020
New samples of the EKANS ransomware have revealed how today’s cyberattackers are using a variety of methods to compromise key industrial companies. In a research report published on Wednesday, FortiGuard Labs researchers Ben Hunter and Fred Gutierrez said that malware designed to attack industrial control systems (ICS) continues to be lucrative for threat actors. While ransomware only accounted for ...
- TrickBot malware now checks screen resolution to evade analysis
July 1, 2020
The infamous TrickBot trojan has started to check the screen resolutions of victims to detect whether the malware is running in a virtual machine. When researchers analyze malware, they typically do it in a virtual machine that is configured with various analysis tools. Due to this, malware commonly uses anti-VM techniques to detect whether the malware is ...
- Australia to invest a record A$1.35bn in cyber security
July 1, 2020
Dubbed the Cyber Enhanced Situational Awareness and Response (Cesar) package, the investment will help Australia identify cyber threats, disrupt foreign cyber criminals and build industry partnerships, said Australian prime minister Scott Morrison yesterday. Noting that malicious cyber activity undermines the government’s efforts to protect Australia’s economy, national security and sovereignty, Morrison said the record investment will ...
- New EvilQuest ransomware discovered targeting macOS users
June 30, 2020
Security researchers have discovered this week a new ransomware strain targeting macOS users. Named OSX.EvilQuest, this ransomware is different from previous macOS ransomware threats because besides encrypting the victim’s files, EvilQuest also installs a keylogger, a reverse shell, and steals cryptocurrency wallet-related files from infected hosts. “Armed with these capabilities, the attacker can main full control over ...