LastPass threat actor drains $5.4 million in crypto from over 40 victim addresses: ZachXBT
Quick Take Around $5.36 million was stolen from over 40 victim addresses in a hack linked to the 2022 LastPass security breach, according to blockchain sleuth ZachXBT.
An estimated $5.36 million was stolen in crypto from over 40 wallet addresses in the latest exploit from attackers identified as the “LastPass threat actor,” according to blockchain sleuth ZachXBT.
“Stolen funds were swapped for ETH and transferred to various instant exchanges from Ethereum to Bitcoin,” ZachXBT wrote in his Telegram group message.
The security breach is said to have originated from the 2022 hacking incidents in the password manager service LastPass. In these incidents, attackers stole vast amounts of data , including customer keys, API tokens and MFA seeds.
This theft of sensitive customer data from LastPass had already led to two batches of cryptocurrency hacks, which ZachXBT identified—one in October 2023, which stole $4.4 million and another in February this year, which resulted in losses of over $6.2 million.
“Cannot stress this enough, if you believe you may have ever stored your seed phrase or keys in LastPass migrate your crypto assets immediately,” ZachXBT wrote in an X post last year.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Trending news
MoreCrypto prices
More
