Hackers Steal $4.4 Million From 25 Users of Lastpass Password Management App
Digital assets worth approximately $4.4 million were reportedly stolen from more than 80 addresses belonging to 25 users of the password management app Lastpass. Crypto theft investigator Zachxbt has urged crypto asset holders using the password manager to consider removing their keys and passphrases from the app.
More Than 80 Addresses Compromised
According to the online crypto theft investigator Zachxbt, approximately $4.4 million was stolen from more than 25 individuals using the password manager app Lastpass. The theft, which is said to have occurred on Oct.25, is suspected to be the work of a single threat actor. At the time of writing, more than 80 distinct addresses were compromised.
An analysis of the breach published on Chainabuse suggests that the theft may be “related to a larger case that dates back to at least December 2022.” As previously reported by Bitcoin.com News, the password management app’s cloud-based storage environment was breached in August 2022 but Lastpass only confirmed this on Dec. 22, 2022.
Following the revelation, Lastpass attempted to reassure worried users but this was largely met with scepticism.
Just on October 25, 2023 alone another ~$4.4M was drained from 25+ victims as a result of the LastPass hack.
Cannot stress this enough, if you believe you may have ever stored your seed phrase or keys in LastPass migrate your crypto assets immediately. pic.twitter.com/26HsxrlnCb
— ZachXBT (@zachxbt) October 27, 2023
Other Victims Urged to Share Transaction Hashes of the Thefts
Meanwhile, in a warning shared via the social media platform X (formerly Twitter), Zachxbt urged users of the password manager to remove their passphrases from the app.
“Just on October 25, 2023 alone another ~$4.4M was drained from 25+ victims as a result of the LastPass hack. Cannot stress this enough, if you believe you may have ever stored your seed phrase or keys in Lastpass migrate your crypto assets immediately,” Zachxbt cautioned.
The crypto investigator urged followers who may also be victims of the Lastpass hack to share the transactions hashes of the theft.
Reacting to Zachxbt’s post, some social media users appeared to blame the victims for having chosen to use the password management app in the first place. However, in response, the online investigator suggested that many people including unnamed high-profile people are using the app.
What are your thoughts on this story? Let us know what you think in the comments section below.