A cryptothief takes $4.4 million in a single day as the cost of the LastPass hack increases.

In September, it was revealed that a staggering $35 million in cryptocurrency had been pilfered from victims of the LastPass security breach that occurred in 2022. This recent breach only added to the growing tally.

A minimum of 25 individuals reported losses totaling $4.4 million from 80 different cryptocurrency wallets, all linked to a data breach that affected the password management software, LastPass, back in 2022.

On October 27th, in a tweet on Twitter, an on-chain researcher who goes by the pseudonym ZachXBT, along with MetaMask developer Taylor Monahan, meticulously tracked the movements of funds from over 80 compromised wallets, all of which had been compromised on October 25th.

It’s worth noting that most, if not all, of the victims were long-time users of LastPass, many of whom confirmed that they had stored their cryptocurrency wallet keys and seeds within the LastPass system. This information was disclosed in a report by Chainabuse.

In December of 2022, LastPass disclosed that an attacker had leveraged information stolen during a breach in August to target one of their employees. The attacker managed to obtain the employee’s credentials and decrypt the stored customer information. Additionally, a backup of encrypted customer vault data was stolen, and LastPass issued a warning that it could potentially be decrypted if the attacker attempts to brute force the account’s master password.

In a blog post in September, cybersecurity journalist Brian Krebs reported that some of the LastPass customer vaults had been breached, resulting in the theft of over $35 million in cryptocurrency from approximately 150 victims.

By January, LastPass found itself facing a class-action lawsuit, with individuals claiming that the breach in August 2022 had led to the theft of around $53,000 worth of Bitcoin (BTC), equivalent to $34,581.

In his recent post, ZachXBT advised anyone who had ever stored a wallet seed or private key in LastPass to take immediate action and migrate their cryptocurrency assets to a more secure location.

The post A cryptothief takes $4.4 million in a single day as the cost of the LastPass hack increases. appeared first on BitcoinWorld.

Comments

Post a Comment

Popular posts from this blog

Grayscale Investments Files for 3 New Exchange Traded Funds

On May 9, digital currency fund manager Grayscale Investments announced the establishment of the Grayscale Funds Trust and submitted registration filings for three exchange-traded funds with the U.S. Securities and Exchange Commission. Grayscale Introduces Grayscale Funds Trust and Files for 3 ETFs As the leading digital currency fund manager, in terms of assets under management (AUM), Grayscale Investments unveiled the Grayscale Funds Trust launch. The trust is a Delaware statutory trust structure designed to strengthen the company’s worldwide asset management capabilities. “A registration statement relating to Grayscale Funds Trust has been filed with the SEC but has not yet become effective,” Grayscale stated on Tuesday. Grayscale highlighted that they had previously established Grayscale Advisors, an SEC-registered investment advisor, which will serve as the new trust’s advisor. Besides the trust, Grayscale has also filed a registration statement for three additional funds. Thes
Read more

SlowMist Uncovers Fraudulent ImToken Wallet on Third-party Stores

The SlowMist Security Team has investigated and analyzed fake Web3 wallets from third -party app stores, warning users about the dangers of downloading wallet apps from questionable sources. In a recent tweet, the team shared their findings and urged users to stay vigilant in enhancing their security awareness when using wallets in the blockchain space. Investigation and Analysis of Fake #Web3 Wallets from Third -party A thread about the risks of using third -party app stores and the dangers of fake wallets in the #blockchain space. Full article here https://t.co/lYNDnM7Qzj — SlowMist (@SlowMist_Team) April 26, 2023 According to the team, third -party app stores like apkcombo and uptodown pose significant risks as anyone can publish apps with minimal cost, making phishing attacks more accessible. The team found a fraudulent version of the well-known imToken wallet on apkcombo, which transmits sensitive data, like mnemonics, to the attacker’s server. The report
Read more

Binance Breaks New Ground with Japan Launch, BNB Token to Take Center Stage

Image
BNB Token To Debut In Japan The cryptocurrency behemoth’s “Build and Build ( BNB )” exchange token, a native token of the BNB chain with broad usage on the Binance exchange, will launch in the Japanese market. The creation of this coin demonstrates Binance ’s strategic goal to target seasoned users. advertisement A variety of decentralized finance (DeFi) and Web 3-based blockchain-based game stocks, such as Solana (SOL), Aster (ASTR), Avalanche (AVAX), Jasmy (JASMY), and Axie (AXS), will be included in the cryptocurrency choices on sale. Domestic unlisted concerns that are not already managed by other exchanges are still being considered, despite not being included in the most recent notification. Binance Japan will not allow leveraged trading, which often entails using margins to purchase and sell assets repeatedly. This is a divergence from several of its rivals. Binance would need to meet stringent requirements to obtain a “Type 1 Financial Instruments Bu
Read more