Hackers Attack LastPass Victims Again, Steal $5.4 Million
Date: 2024-12-17 Author: Oliver Abernathy Categories: BUSINESS
In the latest wave of attacks related to the LastPass hack in 2022, hackers stole another $5.4 million from more than 40 users, according to well-known on-chain analyst ZachXBT. The attackers converted the stolen assets into Ethereum (ETH), and then transferred the funds to Bitcoin.
The initial LastPass hack occurred two years ago, when hackers were able to access backup storages containing critical user data. Among the leaked information were encryption keys, API tokens, and multi-factor authentication (MFA) seeds.
This is not the first time that stolen LastPass data has been used. On October 25, 2023, in one day, attackers withdrew cryptocurrency from 80 wallets worth $4.4 million, causing damage to at least 25 users. Another attack was recorded in February 2024. Then the amount of losses exceeded $6.2 million.
Cybersecurity specialist ZachXBT and other experts urge users whose data may have been compromised to immediately transfer assets to more reliable crypto wallets. Otherwise, they risk becoming victims of another wave of hacks.
Recall that in mid-December 2024, the source code of the macOS Stealer Trojan malware became publicly available. This virus is designed to steal digital assets and may become a new tool in the hands of hackers, increasing the risks for cryptocurrency owners.
