A forfeiture complaint shared by blockchain detective ZachXBT revealed that the $150 million hack suffered by Ripple co-founder Chris Larsen resulted from private keys stored in the password manager LastPass, which was compromised in 2022.
The complaint details how the attackers accessed Larsen’s cryptocurrency wallets through stolen vault information from LastPass.
LastPass compromise
In December 2022, LastPass suffered two major data breaches, one in August and another in November, which resulted in the theft of encrypted passwords and vault data.
According to the complaint, Larsen — referred to as Victim 2 — stored private keys in LastPass’ password vault, which also contained secure notes, banking information, and other credentials.
According to Larsen, he destroyed any physical record of the private keys after inputting them in the password vault. A long, unique password secured access to the online password manager, and devices remained logged in for up to 30 days.
At least four devices had access to the account containing the private keys, and only Larsen’s family members were aware of the passcode to any of these devices.
The FBI has been investigating the LastPass breach, and law enforcement agents working on Larsen’s case have spoken with FBI agents regarding the stolen data.
The investigation suggests that attackers used the compromised vault information to gain unauthorized access to multiple victims’ cryptocurrency accounts, electronic accounts, and other sensitive information.
The hack
Larsen first disclosed the hack on Jan. 31, 2024, stating that unauthorized access had been detected in several of his personal XRP accounts.
The attackers stole about 213 million XRP, valued at $112.5 million at the time. The stolen funds were laundered through crypto exchanges, including Binance, Kraken, OKX, Gate, MEXC, HTX, and HitBTC.
Larsen and his team immediately notified crypto exchanges to freeze affected addresses but did not publicly disclose any further details about the hack.
ZachXBT questioned Larsen’s decision to hide the cause of the theft. He said:
“Only if Chris Larsen had shown basic transparency with sharing their findings for the root cause prior to this or had helped form a class action against LastPass.”
The post Ripple co-founder’s $150M hack tied to LastPass password vault breach appeared first on CryptoSlate.