LastPass Hacked, Users See Millions of Dollars in Money Stolen


  • Millions of dollars worth of cryptocurrencies are being stolen from wallets
  • The victims are linked to the 2022 LastPass hack
  • The hack saw both encrypted and unencrypted data stolen from the password management provider

The hacker responsible for the massive 2022 LastPass breach has continued his rampage by using stolen data to extract $5.36 million from 40 crypto wallets.

In the August 2022 hack, the attacker gained access to information that later allowed him to successfully compromise a cloud-based storage environment that stored customer keys, API tokens, multi-factor authentication (MFA), and encrypted password vaults.

Even though the password vaults were encrypted, the master password used to open them could still have been brute-forced if it was weak, reused, or previously leaked, which could be the reason for a series of crypto thefts against LastPass users since 2022.

The consequences continue

The latest theft was linked to the LastPass breach by a blockchain expert known as ZachXBT (via The Block). ZachXBT claims in a Telegram post that this is just the latest in a long line of crypto thefts affecting victims of the LastPass breach, with $4.4 million stolen in October 2023 and another $6.2 million stolen in February 2024.

“Stolen funds were exchanged for ETH and transferred to several direct Ethereum to Bitcoin exchanges,” ZachXBT wrote in their Telegram post. “I cannot stress this enough: if you think you have ever stored your seed phrase or keys in LastPass, migrate your crypto assets immediately.”

The Verge previously reported that between the time of the breach in August and December 2022, more than $35 million was stolen from 150 apparent victims of the LastPass breach.

These subsequent crypto wallet breaches highlight the importance of using unique passwords for each individual account and ensuring that each password meets recommended password security standards by using one of the best password generators.

Even if you’ve changed password managers since the LastPass breach, compromised passwords that are still being reused are at risk, as evidenced by these crypto thefts. It is also recommended to use a strong authenticator app that uses biometric authentication to secure your accounts even if an attacker knows your username and password.
