- The LastPass hacker has stolen over $4 million from 80 wallets more than a year after they compromised the password storage software
- Most of the victims are longtime users of the platform
- LastPass admitted to being hacked in August warning that more users could lose their funds in the future
On-chain security sleuths ZachXBT and Metamask’s Taylor Monahan have revealed that LastPass users have lost over $4 million in a hack that saw 80 wallets compromised. Investigations indicate that the wallets belonged to over 25 individuals most of whom are long-time users of the password storage software. The hack was made possible by data siphoned from the platform in August 2022, although LastPass admitted to the hacker obtaining user details in December 2022, and warned that more wallets are at risk if the attacker manages to decrypt stolen customer data.
Migrate Your Crypto
According to the two investigators, the recent hack happened on October 25 with ZachXBT advising LastPass users to migrate their cryptocurrency if they “may have ever stored [their] seed phrase or keys in” the password storage platform.
Just on October 25, 2023 alone another ~$4.4M was drained from 25+ victims as a result of the LastPass hack.
Cannot stress this enough, if you believe you may have ever stored your seed phrase or keys in LastPass migrate your crypto assets immediately. pic.twitter.com/26HsxrlnCb
— ZachXBT (@zachxbt) October 27, 2023
The latest attack comes less than a month after the hacker stole more than $30 million from roughly 150 individuals who interacted with LastPass.
Last year, the malicious actor stole a host of data from LastPass, including an encrypted copy of customer data stored in a vault.
In a blog post dated December 22, 2022, LassPass wrote:
While no customer data was accessed during the August 2022 incident, some source code and technical information were stolen [and used] to access and decrypt some storage volumes within the cloud-based storage service.
Phishing Attacks and Credential Stuffing Also Possible
LastPass previously noted that the threat actor may use the obtained information to launch phishing attacks and credential stuffing.
According to blockchain security firm Slowmist, although storing critical wallet-based data in the cloud is convenient, it leads to a new security risk.
With the LastPass hacker continuing to decrypt stolen customer data, more wallets are likely at risk if present and past LastPass users don’t take the necessary precautions.
