Cointime

Cointime

Download App
iOS & Android

Crypto thief steals $4.4M in a day as toll rises from LastPass breach

Validated Media

At least 25 people have reportedly seen $4.4 million in crypto drained from across 80 wallets due to a 2022 data breach that impacted password storage software LastPass.

In an Oct. 27 X (Twitter) post, pseudonymous on-chain researcher ZachXBT said they and MetaMask developer Taylor Monahan tracked the fund movements of at least 80 wallets compromised on Oct. 25.

“Most, if not all, of the victims are longtime LastPass users and/or confirm having stored their [crypto wallet] keys/seeds in LastPass,” Monahan said in an accompanying Chainabuse report.

In December 2022, LastPass disclosed an attacker leveraged information previously stolen in a breach that August to target a LastPass employee, snagging their credentials and decrypting stored customer information.

Also stolen was a backup of encrypted customer vault data which LastPass warned could be decrypted if the attacker brute force guesses the account’s master password.

In a September blog post, cybersecurity journalist Brian Krebs reported some of the LastPass customer vaults had seemingly been cracked and over $35 million worth of crypto had been stolen from around 150 victims.

In January, LastPass was hit with a class-action suit from individuals claiming the August 2022 breach resulted in the theft of around $53,000 worth of Bitcoin.

In his latest X post, ZachXBT advised anyone who ever stored a wallet seed or private key in LastPass to “migrate your crypto assets immediately.”

Comments

All Comments

Recommended for you

  • Changpeng Zhao: Binance Wallet now supports identifying malicious addresses; you will receive a warning if you transfer funds to them.

    Zhao Changpeng posted on Binance Plaza stating, "The cryptocurrency industry should be able to completely eradicate address poisoning attacks and protect users. All wallets should simply check whether the receiving address is a poisoned address and block the user.This is a blockchain query. Wallets should not even display these junk transactions anywhere. If the value of the transaction is very small, filter it out. Security alliances in the industry should maintain a real-time blacklist of these addresses so that wallets can check before sending transactions. Binance Wallet is already doing this. If a user tries to send to a malicious address, they will receive a warning.

  • Bitcoin spot ETFs saw a total net outflow of $189 million yesterday, marking the fourth consecutive day of net outflows.

     according to SoSoValue data, the total net outflow of Bitcoin spot ETFs is 189 million USD.The Bitcoin spot ETF with the largest single-day net outflow yesterday was Blackrock's ETF IBIT, with a single-day net outflow of 157 million USD. Currently, IBIT's total historical net inflow has reached 62.34 billion USD. The second is Fidelity's ETF FBTC, with a single-day net outflow of 15.2979 million USD. Currently, FBTC's total historical net inflow has reached 12.189 billion USD. As of the time of writing, the total net asset value of Bitcoin spot ETFs is 114.289 billion USD, with the ETF net asset ratio (market value as a proportion of Bitcoin's total market value) reaching 6.53%, and the cumulative historical net inflow has reached 57.076 billion USD.

  • BTC falls below $88,000

     market shows BTC fell below $88,000, currently at $87,997.85, 24-hour decline reaches 0.88%, market volatility is significant, please manage your risk accordingly.

  • The U.S. spot Ethereum ETF saw net inflows of $84.59 million yesterday.

     according to Trader T monitoring, the US spot Ethereum ETF had a net inflow of 84.59 million USD yesterday.

  • ETH breaks $3,000

     the market shows ETH breaking through $3000, currently at $3000.08, with a 24-hour decline of 0.38%. The market is highly volatile, please manage your risk accordingly.

  • Binance Wallet launches "secure auto-signature" service

     according to the official announcement, Binance Wallet has launched the "Secure Auto Sign" (SAS) service: it now supports mnemonic/private key wallets to trade on Binance Wallet (web version).

  • Circle minted 500 million USDC on the Solana network.

    according to Onchain Lens monitoring, Circle has minted 500 million USDC on the Solana network. Since October 11, Circle has issued a total of 18 billion USDC on the Solana network.

  • Sources familiar with the matter: JPMorgan Chase is considering offering cryptocurrency trading services to institutional clients.

    according to Bloomberg, as major global banks deepen their involvement in the cryptocurrency asset class, JPMorgan Chase is considering offering cryptocurrency trading services to its institutional clients. A knowledgeable source revealed that JPMorgan is evaluating what products and services its market division can offer to expand its business in the cryptocurrency field. The source stated that these products and services may include spot and derivatives trading.

  • Federal Reserve Governor Milan: We believe that the policy rate will eventually be lowered.

    Federal Reserve Board member Mylan stated that due to the US government shutdown, there were some anomalies in last week's inflation data; he believes that the US will not experience an economic recession in the near term, but if policies are not adjusted, the US will face an increasing risk of economic recession. We believe that policy interest rates will eventually be lowered.

  • BlackRock deposited 819.39 BTC, worth approximately $73.72 million, into Coinbase.

     according to Onchain Lens monitoring, BlackRock deposited 819.39 BTC into Coinbase, worth approximately 73.72 million USD.

Daily Must-Read

Popular Activities

RaveDAO at Terra Solis by Tomorrowland: A Female-Led Techno Night Where Web3 Culture Converges

RaveDAO at Terra Solis by Tomorrowland: A Female-Led Techno Night Where Web3 Culture Converges

April 30 - April 30
Dubai

Popular Tags

Cointime
News
Contents
RSS
Company