More than 610,000 Roblox accounts were reportedly stolen. Was yours or your child’s among them? Ukrainian police arrested three individuals in Lviv who allegedly orchestrated one of the largest Roblox account theft operations to date.
Between October 2025 and January 2026, the hacking group is said to have compromised over 610,000 Roblox accounts, including at least 357 high-value “elite” accounts, making around $225,000 from selling access to them. The hackers distributed infostealing malware disguised as game-enhancement tools, harvested login credentials from infected devices, and sold accounts through a Russian website and closed online communities based on their value.
Read more…
Source: Malwarebytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Nemty Ransomware Expands Its Reach, Also Delivered by Trik Botnet
November 4, 2019
The Nemty ransomware (Ransom.Nemty), initially detected in August 2019, has increased its reach by partnering up with the Trik botnet (Trojan.Wortrik), which now delivers Nemty to compromised computers. Trik, also known as Phorpiex, has been around for approximately 10 years. In its early days, the malware self-propagated via removable USB drives, Windows Live Messenger, or Skype ...
- Ransomware hits Spanish companies sparking WannaCry panic
November 4, 2019
Two major Spanish companies have been hit by ransomware today. Both infections occurred on the same day, sparking memories of the WannaCry outbreak. Spain was one of the first countries alongside the UK, where the WannaCry ransomware infections were spotted for the first time back on May 12, 2017. Affected at the time were Spanish newspaper El ...
- BlueKeep Attacks Have Arrived, Are Initially Underwhelming
November 4, 2019
The wave of BlueKeep attacks that security experts predicted could take down systems globally have arrived, but they are not in showing the form nor the destructive impact experts initially feared. Security researchers have seen evidence of the first wave of attacks on the zero-day Windows Remote Desktop vulnerability revealed by Microsoft in May. At the time experts ...
- London police software quarantines thousands of cybercrime reports
October 25, 2019
Over 9,000 cybercrime reports filed by UK citizens have sat inside a police database without being investigated after security software mistakenly identified them as containing malicious code and placed them in quarantine. All the quarantined reports came from Action Fraud, an official UK police website where victims can report fraud and cybercrime. According to an audit published this week ...
- Mobile Malware and APT Espionage: Prolific, Pervasive, and Cross-Platform
October 23, 2019
Until now, the public’s exposure to mobile phone malware has been dominated by news about the privately run “greyware” vendors who have made headlines for being purveyors of spyware tools. These commercial smartphone spyware tools reportedly end up in the hands of autocrats who use it to hamper free speech, quash dissent, or worse. Consumers ...
- The Banking and Finance Industry Under Cybercriminal Siege: An Overview
October 22, 2019
Financial institutions have now taken on an even more active role in the growing information technology (IT) and operational technology (OT) convergence. The need for 24/7-connected smart devices has driven the industry to adapt, especially with the wider adoption of the internet of things (IoT) among businesses and users. Unfortunately, this round-the-clock connection with their respective ...