Currencies38131
Market Cap$ 2.28T+0.83%
24h Spot Volume$ 17.49B+6.08%
DominanceBTC56.33%-0.36%ETH9.66%+1.47%
ETH Gas0.04 Gwei
Cryptorank
/

LastPass-linked crypto theft climbs to over $250 million after latest $5.4 million hit


LastPass-linked crypto theft climbs to over $250 million after latest $5.4 million hit

Share:

Predictions Markets

See what traders are focused on

View analytics →
Prediction Banner

Blockchain investigator ZachXBT has revealed that malicious actors, identified as the “LastPass threat actor,” have siphoned off approximately $5.36 million in cryptocurrencies.

In a Dec. 17 post on his Telegram Channel, ZachXBT stated:

“Today an estimated $5.36M was drained by the LastPass threat actor from 40+ victim addresses. Stolen funds were swapped for ETH and transferred to various instant exchanges from Ethereum to Bitcoin.”

This exploit traces back to a December 2022 security breach, when LastPass disclosed that attackers accessed archived backups of encrypted vault data stored on a third-party cloud platform. At the time, LastPass, a popular password manager, warned that the breach exposed user vault data, including usernames, passwords, and secure notes.

However, LastPass assured users that brute-forcing master passwords would be extremely challenging due to strong encryption protocols.

Despite this claim, recent attacks have shown that the hackers have systematically targeted users who stored their private keys or seed phrases in their LastPass vaults.

Over $250 million now lost

The Security Alliance (SEAL), a team of cybersecurity experts, reported that crypto losses connected to the breach have now exceeded $250 million as of May 2024.

According to SEAL, these attacks could have been prevented as many victims—despite practicing caution—unknowingly placed their digital assets at risk by relying on centralized storage for private keys.

Considering the latest wave of attack, SEAL stated:

“Don’t be a part of the statistic. If you used LastPass in the past and think there’s a chance you stored your private key or seed phrase in your vault, take the time and move all your tokens  [and] transfer ownership of any contracts/multisigs/etc.”

Security experts noted that this incident highlights the dangers of trusting password managers with sensitive crypto-related data. To mitigate further losses, crypto holders must immediately safeguard their assets and reduce exposure to similar vulnerabilities.

The post LastPass-linked crypto theft climbs to over $250 million after latest $5.4 million hit appeared first on CryptoSlate.

Read the article at CryptoSlate

In This News

Coins

$ 63.99K

+0.37%

$ 1.82K

+2.11%

$ 0.00721

+0.32%

$ 0.00...361

$ 0.000207


Predictions Markets

See what traders are focused on

View analytics →
Prediction Banner

Share:

In This News

Coins

$ 63.99K

+0.37%

$ 1.82K

+2.11%

$ 0.00721

+0.32%

$ 0.00...361

$ 0.000207


Predictions Markets

See what traders are focused on

View analytics →
Prediction Banner

Share:

Read More

One crypto wallet tied to a 20-year-old fraudster processed over $122M before Interpol closed in

One crypto wallet tied to a 20-year-old fraudster processed over $122M before Interpol closed in

The Thailand case shows how cross-chain token swaps can complicate tracing across ser...
Convicted scammer’s “seized” crypto moves to unknown wallets while in prison as DOJ failed to secure funds

Convicted scammer’s “seized” crypto moves to unknown wallets while in prison as DOJ failed to secure funds

DOJ’s account separates a forfeiture order from the unresolved question of who could ...