In September, blockchain sleuths reported that victims of the LastPass breach that occurred last year lost at least $35 million in cryptocurrencies. In the latest hack, he had an additional $4.4 million stolen. cointelegraph I have written. This amount was leaked from a total of 80 wallets in just one day.
What is Last Pass?
LastPass is a popular password management and security tool that helps users store and organize passwords and other sensitive information. It is a software application that offers a variety of features to enhance your online security and streamline the login process. Its main features include password management and generation.
LastPass stores your login credentials for a variety of websites and applications, so you don’t have to remember them all and can create complex, unique passwords for each account.
Attacker stole employee credentials
MetaMask developer Taylor Monahan and blockchain researcher ZachXBT tracked the movement of funds in at least 80 wallets, the latter tweeted. Monaghan added that most of the victims were long-time users of the software app.
The app reported that cybercriminals used data stolen in an August 2022 data breach. He was able to steal his LastPass employee login details and decrypt stored customer data.
Client vault data backups were also stolen.
The attackers also stole encrypted backups of client vault data. If you can guess the master password, you can decrypt all your data.
Cybersecurity journalist Brian Krebs said the attackers appear to have cracked some of LastPass’ customer vaults. A total of 150 customers lost over $35 million worth of his cryptocurrencies.
App faces lawsuit
The software app is facing a class action lawsuit from customers who claim they lost around 100 million yen worth of Bitcoin. The August 2022 breach cost him $53,000.
In X, ZachXBT warned all LastPass clients who have ever stored private keys or wallet seeds in the app to move their digital assets immediately.