More than 610,000 Roblox accounts were reportedly stolen. Was yours or your child’s among them? Ukrainian police arrested three individuals in Lviv who allegedly orchestrated one of the largest Roblox account theft operations to date.
Between October 2025 and January 2026, the hacking group is said to have compromised over 610,000 Roblox accounts, including at least 357 high-value “elite” accounts, making around $225,000 from selling access to them. The hackers distributed infostealing malware disguised as game-enhancement tools, harvested login credentials from infected devices, and sold accounts through a Russian website and closed online communities based on their value.
Read more…
Source: Malwarebytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Necurs Botnet Evolves to Hide in the Shadows, with New Payloads
March 1, 2019
Necurs, the prolific and globally dispersed spam and malware distribution botnet, has been spotted using a fresh hiding technique to avoid detection while quietly adding more bots to its web. According to research from Black Lotus Labs, which is telecom and ISP provider CenturyLink’s network security arm, Necurs last year began implementing regular, sustained downtime segments ...
- RSA Security Conference: The race to plug a $6 trillion security hole
March 1, 2019
More than 50 thousand of the world’s top computer security professionals will be in San Francisco this week for the RSA Conference. While they talk, the hole in the cybersecurity world is getting bigger every year and is on track to swallow $6 trillion in annual damages by 2021 — a doubling from $3 trillion in ...
- Hackers target Elasticsearch clusters in fresh malware campaign
February 27, 2019
Security researchers have observed a spike in attacks from multiple threat actors targeting Elasticsearch clusters, in what is believed to be an attempt to spread malware on victims’ machines. Attackers appear targeting clusters using versions 1.4.2 and lower, and are leveraging old vulnerabilities to pass scripts to search queries and drop the attacker’s payloads, according to ...
- Russian national, author of NeverQuest banking trojan, pleads guilty
February 23, 2019
A Russian national pleaded guilty today in a New York court of creating, running, and infecting users with the NeverQuest banking trojan –also known as Snifula and Vawtrack. The man’s name is Stanislav Vitaliyevich Lisov, a Russian national who went online under the names of “Black” and “Blackf,” and who, according to a Department of Justice press ...
- Malspam campaign fakes Google reCAPTCHA images to fool victims
February 22, 2019
A recently discovered malspam campaign targeting customers of a Polish bank was found using forgeries of Google reCAPTCHA images to fake legitimacy. The banking malware was delivered via phishing emails that purported to seekin confirmation of a recent banking transaction that in reality never occurred, according to Feb. 21 blog post published week by Sucuri. Recipients who panicked at the ...
- DDoS Attacks Ranked As Highest Threat by Enterprises
February 22, 2019
US and EMEA security professionals interviewed by the Neustar International Security Council (NISC) in January 2019 said that DDoS attacks are perceived as the highest threat to their organizations, with roughly half of their companies having been attacked in 2018. Another 75% of all professionals who took part in NISC’s study said that they are deeply concerned about “bot ...