More than 610,000 Roblox accounts were reportedly stolen. Was yours or your child’s among them? Ukrainian police arrested three individuals in Lviv who allegedly orchestrated one of the largest Roblox account theft operations to date.
Between October 2025 and January 2026, the hacking group is said to have compromised over 610,000 Roblox accounts, including at least 357 high-value “elite” accounts, making around $225,000 from selling access to them. The hackers distributed infostealing malware disguised as game-enhancement tools, harvested login credentials from infected devices, and sold accounts through a Russian website and closed online communities based on their value.
Read more…
Source: Malwarebytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Security 101: How Fileless Attacks Work and Persist in Systems
April 30, 2020
As security measures get better at identifying and blocking malware and other threats, modern adversaries are constantly crafting sophisticated techniques to evade detection. One of the most persistent evasion techniques involves fileless attacks, which do not require malicious software to break into a system. Instead of relying on executables, these threats misuse tools that are ...
- WebMonitor RAT Bundled with Zoom Installer
April 29, 2020
The coronavirus pandemic has highlighted the usefulness of communication apps for work-from-home (WFH) setups. However, like they always do, cybercriminals are expected to exploit popular trends and user behavior. We have witnessed threats against several messaging apps including Zoom. In early April, we spotted an attack leveraging Zoom installers to spread a cryptocurrency miner. We recently encountered a similar attack ...
- Anatomy of Formjacking Attacks
April 27, 2020
The rise of the Internet has contributed positively in many ways to people’s lives and you can find almost any service on the internet now. However, the convenience of the internet also opens a gate to use malware to steal people’s confidential information, and unfortunately, more and more malware authors are taking advantage of this. Formjacking, ...
- A look at the ATM/PoS malware landscape from 2017-2019
April 23, 2020
From remote administration and jackpotting, to malware sold on the Darknet, attacks against ATMs have a long and storied history. And, much like other areas of cybercrime, attackers only refine and grow their skillset for infecting ATM systems from year-to-year. So what does the ATM landscape look like as of 2020? Let’s take a look. ATM attacks aren’t ...
- Studying How Cybercriminals Prey on the COVID-19 Pandemic
April 22, 2020
With the spread of the coronavirus worldwide, interest is high in related topics. Accordingly, Unit 42 researchers found an immense increase in coronavirus-related Google searches and URLs viewed since the beginning of February. Cybercriminals are looking to profit from such trending topics, disregarding ethical concerns, and in this particular case preying on the misfortunes of ...
- Fast-Moving DDoS Botnet Exploits Unpatched ZyXel RCE Bug
April 22, 2020
A new variant of the Hoaxcalls botnet, which can be marshalled for large-scale distributed denial-of-service (DDoS) campaigns, is spreading via an unpatched vulnerability impacting the ZyXEL Cloud CNM SecuManager that was disclosed last month. That’s according to researchers at Radware, who also said that it’s notable how quickly Hoaxcalls operators have moved to weaponize the ZyXel ...