This 19-year-old guy in Ukraine pocketed $225,000 by hijacking 610,000 Roblox accounts by hiding his malware inside a fake game booster.

He carried out the operation from an apartment in Lviv between October 2025 and January 2026.
Later, he recruited two partners, aged 21 and 22, through gaming forums.
The malware was promoted as a tool to improve Roblox games promising better performance and extra features.
Once installed, it stole the user's browser session cookie instead of passwords.
A stolen cookie bypasses login entirely, so neither the password nor the two-factor authentication code ever appear.
The group filtered out accounts with the highest Robux balances and most sought-after in-game items, keeping 357 elite accounts in addition to the 610,000.
They sold the elite accounts on Russian-language darknet forums and accepted cryptocurrency payments.
Ukrainian cyber police traced the crypto wallet to the Lviv apartment and conducted ten coordinated raids on the same morning.
They seized $37,500 in cash, 37 mobile phones, 11 desktop computers, 7 laptops, 5 tablets, and 4 USB drives.
The ringleader could face up to 15 years for a Roblox malware operation that started when he was 18.