LastPass passwords used in crypto thefts

Share post:

Security experts are warning LastPass users that their passwords may have been used in a string of cryptocurrency thefts.

The experts say that hackers have cracked open some of the password vaults stolen during a security breach at LastPass in late 2022. This has allowed them to access the “seed phrases” of victims, which are private digital keys that are required to access cryptocurrency investments.

Collectively, over $35 million in crypto has reportedly been stolen so far. The thefts have occurred in batches of two to five high-value heists each month since December 2022.

Taylor Monahan, lead product manager at MetaMask, is at the forefront of the investigation. She observes that the victims’ link is not only their reliance on LastPass but also the suspicious movement of stolen funds to identical blockchain addresses. Nick Bax, director of analytics at Unciphered, echoes Monahan’s concerns, urging LastPass users to take action, emphasizing the gravity of the situation.

The common thread connecting the victims is that they had previously used LastPass to store their seed phrases. These keys are often stored on encrypted services like password managers to prevent bad actors from gaining access to crypto wallets.

LastPass has not confirmed whether any of the stolen password vaults have been cracked. However, the company says that it is “aware of the reports” and is “investigating the matter.”

The sources for this piece include an article in TheVerge.

SUBSCRIBE NOW

Related articles

North Korean Job Scam Targeting IT Job Seekers

North Korea’s Lazarus advanced persistent threat (APT) group has launched a sophisticated campaign, “Operation 99,” targeting freelance software...

Hackers Exploit FastHTTP in High-Speed Microsoft 365 Attacks

Threat actors are employing the FastHTTP Go library to launch high-speed brute-force password attacks on Microsoft 365 accounts...

YouTubers Targeted As Cyberattackers Hide Infostealers in YouTube Comments, Google Search Results

Attackers have found a new way to infect people seeking pirated or cracked software: planting malicious download links...

New macOS Malware Exploits Apple’s Security Features to Stay Hidden and Steal User Data

A newly discovered variant of the Banshee macOS Stealer malware is putting 100 million Apple users at risk...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways