The Ukrainian police have arrested three individuals who hacked more than 610,000 Roblox gaming accounts and sold them for a profit of $225,000.
The arrests were made by the police in Lviv after conducting ten searches on targeted locations, seizing $35,000 in cash, 37 mobile phones, 11 desktop computers, seven laptops, five tablets, and four USB drives.
Although the police did not specify the game platform targeted by the hackers, aged 19, 21, and 22, the Prosecutor General’s Office stated that it was Roblox.
“Prosecutors of the Lviv region, together with the cyber police and the Security Service of Ukraine, have stopped the activities of a group that gained access to other people’s gaming accounts and used them as a source of income,” reads the press release from the Prosecutor General’s Office.
“This concerns profiles in Roblox, where users create games, communicate, and purchase virtual items with in-game currency. For many, such accounts hold not only gaming value but also financial value due to accumulated resources and purchased items.”
Source: gp.gov.ua
Roblox is a gaming platform where people can create and play millions of games. Roblox accounts aren’t limited to gaming, as they can also be used for building assets on Roblox Studio and selling items to others, in exchange for the in-game currency Robux.
For many, these accounts have monetary value, hold high Robux balances, contain limited-edition items that can no longer be obtained, preserve years of in-game progress with unlocks and achievements, offer paid access to premium content, and more.
The authorities state that, at least 357 of the 610,000 user accounts the hackers took over between October 2025 and January 2026, were high-value (“elite”) accounts.
The 19-year-old is identified as the leader of the threat group, who recruited the other two on gaming forums and set up the account-hacking scheme.
The scheme involved promoting info-stealing malware disguised as a game-enhancer tool, infecting victim devices, and collecting their login credentials.
The stolen accounts were then categorized by value, inventory rarity, and remaining Roblux balances, and sold via a Russian website and on “closed” online communities.
For these offenses, the hackers were charged under articles 185 (theft) and 361 (unauthorized interference with IT systems) and face up to 15 years of imprisonment.
The authorities continue their investigation to identify other possible accomplices and victims of the hacking group.
AI chained four zero-days into one exploit that bypassed both renderer and OS sandboxes. A wave of new exploits is coming.
At the Autonomous Validation Summit (May 12 & 14), see how autonomous, context-rich validation finds what’s exploitable, proves controls hold, and closes the remediation loop.
