Crypto theft attacks linked to 2022 LastPass data breach

Blockchain investigation firm TRM Labs has linked the ongoing cryptocurrency thefts to the LastPass breach that occurred in 2022. According to reports, the attackers have been draining wallets years after encrypted vaults were stolen and laundering the digital assets through Russian exchanges. In 2022, LastPass confirmed that attackers had breached its systems by compromising a developer environment. The platform added that the criminals stole portions of the company’s source code and proprietary technical information. In another related incident, the hackers used the stolen credentials to breach the GoTo cloud storage firm, stealing LastPass database backups stored on the platform. For some users, the vault contained both stored credentials and cryptocurrency wallet private keys and seed phrases. Cryptocurrency theft attacks linked to LastPass breach During the breach, LastPass claimed that its vaults were encrypted. However, users with weak or reused master passwords were vulnerable to offline cracking, which TRM Labs believes...

https://www.cryptopolitan.com/cryptocurrency-theft-attacks-lastpass-breach/