Cryptocurrency theft attacks traced to 2022 LastPass breach

Investigations by TRM Labs have pinned a string of cryptocurrency heists on the 2022 LastPass breach, where hackers swiped encrypted vaults containing wallet keys and slowly cracked weak master passwords to drain funds years later—talk about a gift that keeps on giving for cybercriminals. These thieves didn’t rush; they laundered the loot through sophisticated methods like Wasabi Wallet’s CoinJoin feature to muddle transaction trails, but TRM’s sleuthing demixed the mess by spotting behavioral patterns, ultimately tracing over $28 million back to Russian exchanges. The U.S. Secret Service backed this up by seizing $23 million, confirming the attacks stemmed from decrypted vault data rather than direct device hacks, highlighting how even encrypted systems can crumble with poor password habits. For SMBs and MSPs managing sensitive data, this is a stark reminder to beef up master password strength and iteration settings pronto, or risk turning your own digital vaults into easy pickings for these persistent bad actors. Meanwhile, if you’re handling crypto, keep an eye on unusual transaction waves and consider advanced monitoring tools to stay one step ahead of the curve.

Source: https://www.bleepingcomputer.com/news/security/cryptocurrency-theft-attacks-traced-to-2022-lastpass-breach/