Ad
News
Hackers steal $6.2 million in digital assets from LastPass users, investigators track stolen funds Hackers steal $6.2 million in digital assets from LastPass users, investigators track stolen funds

Hackers steal $6.2 million in digital assets from LastPass users, investigators track stolen funds

The recent LastPass breach impacted 41 crypto addresses and was traced back to a December 2022 hack of the platform.

Hackers steal $6.2 million in digital assets from LastPass users, investigators track stolen funds

Cover art/illustration via CryptoSlate. Image includes combined content which may include AI-generated content.

Join Japan's Web3 Evolution Today

Hackers stole over $6.2 million in digital assets from 22 LastPass users between Feb. 19 and 20.

Blockchain investigator ZachXBT and Taylor Monahan, a developer associated with the crypto wallet MetaMask, revealed in a Feb. 21 post on social media platform X (formerly Twitter) that they meticulously tracked the movement of funds from 41 compromised wallets. These wallets comprised 21 Bitcoin and 20 Ethereum addresses, all impacted by the breach.

LastPass hack
LastPass Hack Victims (Source: ZachXBT/Monahan)

Monahan highlighted that the stolen assets encompassed various cryptocurrencies such as Cardano, Polygon, Dogecoin, and Wrapped Bitcoin, predominantly on the Ethereum virtual machine (EVM) chains. These were swiftly converted and transferred to Bitcoin.

Consequently, she urged affected individuals to report the incident to the US Internet Crime Complaint Center (IC3). Additionally, she advised LastPass users to promptly rotate their keys to curtail further losses from the security breach.

Last year, ZachXBT and Monahan disclosed that the attackers had stolen over $4 million in digital assets from LastPass users on Oct. 25. At the time, ZachXBT issued a strong recommendation for LastPass users who had ever stored their seed phrases or keys on the platform to transfer their crypto holdings promptly.

LastPass hack

In December 2022, LastPass, a platform trusted for storing and encrypting user passwords, fell victim to a breach that compromised its cloud-based storage service.

The attack allowed malicious actors to access its platform and copy a backup of its customer vault data, containing sensitive information such as website logins, secure notes, and form data.

Following the breach, cybercriminals began targetting crypto users whose seed phrases might have been stored on the platform. Cybersecurity expert Brian Krebs reported that the breach has resulted in the theft of over $35 million in digital assets from 150 victims.

Mentioned in this article
Posted In: , Crime, Hacks