Threat actors who compromised the widely used password manager service LastPass in 2022 were disclosed by U.S. law enforcement agencies to have utilized stolen master passwords to exfiltrate $150 million worth of cryptocurrency from a wallet reported by blockchain security researcher ZachXBT to belong to Ripple co-founder Chris Larsen, according to KrebsOnSecurity.Nearly $24 million of the cryptocurrency assets stolen in a January 2024 heist was also noted by ZachXBT to have already been requested by the feds, who regarded the attack and subsequent laundering of funds to involve the effort of various attackers and resembling intrusions against online password managers and other crypto heist victims.However, LastPass disclosed that it has yet to obtain evidence definitively associating the attack against its systems with the theft of cryptocurrency."...[O]ur law enforcement partners have not made us aware of any conclusive evidence that connects any crypto thefts to our incident. In the meantime, we have been investing heavily in enhancing our security measures and will continue to do so," said LastPass.
Identity, Threat Intelligence, Application security
LastPass hack leveraged to facilitate $150M crypto heist
(Adobe Stock)
An In-Depth Guide to Identity
Get essential knowledge and practical strategies to fortify your identity security.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds