Identity, Breach

Crypto theft amounting to $4.4M tied to LastPass hack

Threat actors using private keys and passphrases from LastPass databases stolen in cyberattacks last August and December were reported by ZachXBT and MetaMask developer Taylor Monahan to have been able to exfiltrate $4.4 million worth of cryptocurrency on Oct. 25, BleepingComputer reports. Such amount of cryptocurrency has been stolen from more than 25 victims, said ZackXBT in a tweet, which also urged organizations and individuals using LastPass to immediately migrate their cryptocurrency assets. Meanwhile, Monahan and other researchers were reported by Brian Krebs to have attributed the earlier theft of more than $35 million to the same attackers. "At this point, I'm also confident in saying that, in most of these cases, the compromised keys were stolen from LastPass. The number of victims who only had the specific group of seeds/keys that were drained stored in LastPass is simply too much to ignore," said Monahan in a tweet in August.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.