Hackers steal $6.2 million in digital assets from LastPass users, investigators track stolen funds

Hackers stole implicit $6.2 cardinal successful integer assets from 22 LastPass users betwixt Feb. 19 and 20.

Blockchain researcher ZachXBT and Taylor Monahan, a developer associated with the crypto wallet MetaMask, revealed successful a Feb. 21 post connected societal media level X (formerly Twitter) that they meticulously tracked the question of funds from 41 compromised wallets. These wallets comprised 21 Bitcoin and 20 Ethereum addresses, each impacted by the breach.

LastPass Hack Victims (Source: ZachXBT/Monahan)

Monahan highlighted that the stolen assets encompassed assorted cryptocurrencies specified arsenic Cardano, Polygon, Dogecoin, and Wrapped Bitcoin, predominantly connected the Ethereum virtual instrumentality (EVM) chains. These were swiftly converted and transferred to Bitcoin.

Consequently, she urged affected individuals to study the incidental to the US Internet Crime Complaint Center (IC3). Additionally, she advised LastPass users to promptly rotate their keys to curtail further losses from the information breach.

Last year, ZachXBT and Monahan disclosed that the attackers had stolen implicit $4 cardinal successful integer assets from LastPass users connected Oct. 25. At the time, ZachXBT issued a beardown proposal for LastPass users who had ever stored their effect phrases oregon keys connected the level to transportation their crypto holdings promptly.

LastPass hack

In December 2022, LastPass, a level trusted for storing and encrypting idiosyncratic passwords, fell unfortunate to a breach that compromised its cloud-based retention service.

The onslaught allowed malicious actors to entree its level and transcript a backup of its lawsuit vault data, containing delicate accusation specified arsenic website logins, unafraid notes, and signifier data.

Following the breach, cybercriminals began targetting crypto users whose effect phrases mightiness person been stored connected the platform. Cybersecurity adept Brian Krebs reported that the breach has resulted successful the theft of implicit $35 cardinal successful integer assets from 150 victims.

The station Hackers bargain $6.2 cardinal successful integer assets from LastPass users, investigators way stolen funds appeared archetypal connected CryptoSlate.