More than 40 users have lost approximately $5.4 million in a new attack linked to the 2022 breach of the password storage service LastPass, according to on-chain detective ZachXBT.
The stolen funds were converted into ETH and later transferred into Bitcoin.
Two years ago, hackers breached the service and copied backup storage containing user data, including private keys, API tokens, and MFA seeds.
This is not the first time attackers have exploited stolen LastPass data. On October 25, 2023, at least 25 individuals lost $4.4 million in crypto from 80 wallets in a single day.
Another wave of transactions related to this breach occurred in February 2024, causing losses of over $6.2 million.
Cybersecurity expert ZachXBT and other specialists have urged users to transfer their funds to secure wallets if they suspect their access has been compromised.
In mid-December, the code for the macOS Stealer Trojan malware, designed to steal assets, was leaked publicly.
Cryptol – your source for the latest news on cryptocurrencies, information technology, and decentralized solutions. Stay informed about the latest trends in the digital world.