More than 610,000 Roblox accounts were reportedly stolen. Was yours or your child’s among them? Ukrainian police arrested three individuals in Lviv who allegedly orchestrated one of the largest Roblox account theft operations to date.
Between October 2025 and January 2026, the hacking group is said to have compromised over 610,000 Roblox accounts, including at least 357 high-value “elite” accounts, making around $225,000 from selling access to them. The hackers distributed infostealing malware disguised as game-enhancement tools, harvested login credentials from infected devices, and sold accounts through a Russian website and closed online communities based on their value.
Read more…
Source: Malwarebytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Hotels, airlines and travel sites battle bot attacks
June 27, 2018
Hotels, airlines, cruises and travel sites are under siege from crooks using fake or stolen account details to try to access accounts. Hackers have been using stolen or leaked account details to attempt to log into accounts, using botnets to deliver attacks at industrial scale, according to research by Akamai. Read more… Source: ZDNet
- Thanatos ransomware: Free decryption tool released for destructive file-locking malware
June 27, 2018
Victims of a destructive form of ransomware, which fails to unlock files even if the ransom is paid, can now retrieve their files for free with a new file decryptor released by security researchers. Thanatos ransomware first started targeting Windows systems in February and multiple versions of it have been released in the months since, indicating ...
- Up to 40,000 British Ticketmaster users may have had their personal and payment details stolen by hackers
June 27, 2018
Ticketmaster UK have admitted British customers may have had their credit card data stolen in a security breach that could have affected up to 40,000 people. The company says it ‘identified malicious software’ on a third party product on Saturday, but did not reveal the breach until today. The firm said it disabled the software as soon ...
- New Malware Family Uses Custom UDP Protocol for C&C Communications
June 26, 2018
Security researchers have uncovered a new highly-targeted cyber espionage campaign, which is believed to be associated with a hacking group behind KHRAT backdoor Trojan and has been targeting organizations in South East Asia. According to researchers from Palo Alto, the hacking group, which they dubbed RANCOR, has been found using two new malware families—PLAINTEE and DDKONG—to target ...
- FakeSpy Android Information-Stealing Malware Targets Japanese and Korean-Speaking Users
June 19, 2018
Spoofing legitimate mobile applications is a common cybercriminal modus that banks on their popularity and relies on their users’ trust to steal information or deliver payloads. Cybercriminals typically use third-party app marketplaces to distribute their malicious apps, but in operations such as the ones that distributed CPUMINER, BankBot, and MilkyDoor, they would try to get their apps published ...
- Ex-CIA employee charged with leaking ‘Vault 7’ hacking tools to Wikileaks
June 18, 2018
A 29-year-old former CIA computer programmer who was charged with possession of child pornography last year has now been charged with masterminding the largest leak of classified information in the agency’s history. Joshua Adam Schulte, who once created malware for both the CIA and NSA to break into adversaries computers, was indicted Monday by the Department of Justice on 13 ...