Hackers stole more than $6.2 million in digital assets from 22 LastPass users between February 19th and 20th.
ZachXBT, a blockchain investigator, and Taylor Monahan, a developer behind cryptocurrency wallet MetaMask, were revealed on February 21st. post They meticulously tracked the movement of funds in 41 compromised wallets on social media platform X (formerly Twitter). This wallet consists of 21 Bitcoin and 20 Ethereum addresses, all of which were affected by the breach.
Monahan emphasized that the stolen assets span a variety of cryptocurrencies, such as Cardano, Polygon, Dogecoin and Wrapped Bitcoin, primarily on the Ethereum virtual machine (EVM) chain. This was quickly converted and transferred to Bitcoin.
She therefore urged affected individuals to report the incident to the Internet Crime Complaint Center (IC3). She also advised LastPass users to replace their keys immediately to reduce further losses from a security breach.
Last year, ZachXBT and Monahan revealed that attackers stole more than $4 million in digital assets from LastPass users on October 25th. At the time, ZachXBT issued This strongly encourages LastPass users who have stored their seed phrases or keys on the platform to transfer their cryptocurrency holdings immediately.
LastPass Hack
In December 2022, LastPass, a trusted platform for storing and encrypting user passwords, fell victim to a breach that compromised its cloud-based storage service.
The attack allowed malicious actors to access the platform and copy backups of customer vault data containing sensitive information such as website logins, secure notes, and form data.
Following the breach, cybercriminals began targeting cryptocurrency users whose seed phrases may have been stored on the platform. Cybersecurity expert Brian Krebs reported that the breach resulted in the theft of more than $35 million in digital assets from 150 victims.