Currencies38131
Market Cap$ 2.27T+0.29%
24h Spot Volume$ 31.06B-4.69%
DominanceBTC56.40%+0.09%ETH9.51%+0.96%
ETH Gas0.09 Gwei
Cryptorank
/

Ripple co-founder’s $150M hack tied to LastPass password vault breach


Ripple co-founder’s $150M hack tied to LastPass password vault breach

Share:

Predictions Markets

See what traders are focused on

View analytics →
Prediction Banner

A forfeiture complaint shared by blockchain detective ZachXBT revealed that the $150 million hack suffered by Ripple co-founder Chris Larsen resulted from private keys stored in the password manager LastPass, which was compromised in 2022. 

The complaint details how the attackers accessed Larsen’s cryptocurrency wallets through stolen vault data from LastPass.

LastPass compromise

In December 2022, LastPass suffered two major data breaches, one in August and another in November, which resulted in the theft of encrypted passwords and vault data. 

According to the complaint, Larsen — referred to as Victim 2 — stored private keys in LastPass’ password vault, which also contained secure notes, banking information, and other credentials.

According to Larsen, he destroyed any physical record of the private keys after inputting them in the password vault. A long, unique password secured access to the online password manager, and devices remained logged for up to 30 days.

At least four devices had access to the account containing the private keys, and only Larsen’s family members were aware of the passcode to any of these devices. 

The FBI has been investigating the LastPass breach, and law enforcement agents working on Larsen’s case have spoken with FBI agents regarding the stolen data. 

The investigation suggests that attackers used the compromised vault data to gain unauthorized access to multiple victims’ cryptocurrency accounts, electronic accounts, and other sensitive information.

The hack

Larsen first disclosed the hack on Jan. 31, 2024, stating that unauthorized access had been detected in several of his personal XRP accounts. 

The attackers stole approximately 213 million XRP, valued at $112.5 million at the time. The stolen funds were laundered through crypto exchanges, including Binance, Kraken, OKX, Gate, MEXC, HTX, and HitBTC.

Larsen and his team immediately notified crypto exchanges to freeze affected addresses but did not publicly reveal any further details about the hack.

ZachXBT questioned Larsen’s decision to hide the cause of the theft. He said:

“Only if Chris Larsen had shown basic transparency with sharing their findings for the root cause prior to this or had helped organize a class action against LastPass.”

The post Ripple co-founder’s $150M hack tied to LastPass password vault breach appeared first on CryptoSlate.

Read the article at CryptoSlate

In This News

Coins

$ 1.11

-0.09%

$ 0.00724

+1.41%

$ 0.00...361

$ 0.000734

$ 0.0000475


Predictions Markets

See what traders are focused on

View analytics →
Prediction Banner

Share:

In This News

Coins

$ 1.11

-0.09%

$ 0.00724

+1.41%

$ 0.00...361

$ 0.000734

$ 0.0000475


Predictions Markets

See what traders are focused on

View analytics →
Prediction Banner

Share:

Read More

Cardano’s wallet hack exposed the user layer holding its on-chain government together

Cardano’s wallet hack exposed the user layer holding its on-chain government together

EMURGO said it is stepping down from its role in Pentad, the five-member group coordi...
Bitcoin’s $10 billion credit market keeps growing after its first major selloff

Bitcoin’s $10 billion credit market keeps growing after its first major selloff

Bitcoin’s more than $10 billion corporate credit market is still attracting new entra...