Hackers stole over $6.2 million in digital belongings from 22 LastPass customers between Feb. 19 and 20.
Blockchain investigator ZachXBT and Taylor Monahan, a developer related to the crypto pockets MetaMask, revealed in a Feb. 21 put up on social media platform X (previously Twitter) that they meticulously tracked the motion of funds from 41 compromised wallets. These wallets comprised 21 Bitcoin and 20 Ethereum addresses, all impacted by the breach.
Monahan highlighted that the stolen belongings encompassed numerous cryptocurrencies equivalent to Cardano, Polygon, Dogecoin, and Wrapped Bitcoin, predominantly on the Ethereum digital machine (EVM) chains. These had been swiftly transformed and transferred to Bitcoin.
Consequently, she urged affected people to report the incident to the US Web Crime Grievance Middle (IC3). Moreover, she suggested LastPass customers to promptly rotate their keys to curtail additional losses from the safety breach.
Final yr, ZachXBT and Monahan disclosed that the attackers had stolen over $4 million in digital belongings from LastPass customers on Oct. 25. On the time, ZachXBT issued a powerful advice for LastPass customers who had ever saved their seed phrases or keys on the platform to switch their crypto holdings promptly.
LastPass hack
In December 2022, LastPass, a platform trusted for storing and encrypting person passwords, fell sufferer to a breach that compromised its cloud-based storage service.
The assault allowed malicious actors to entry its platform and duplicate a backup of its buyer vault knowledge, containing delicate info equivalent to web site logins, safe notes, and type knowledge.
Following the breach, cybercriminals started targetting crypto customers whose seed phrases may need been saved on the platform. Cybersecurity skilled Brian Krebs reported that the breach has resulted within the theft of over $35 million in digital belongings from 150 victims.