According to blockchain analyst ZachXBT, on October 25, at least 25 LastPass users had their cryptocurrency accounts compromised by hackers, stealing $4.4 million in value.Users’ password information is encrypted and stored on the LastPass platform.An employee was the target of an attack last year that involved the theft of their login credentials, compromising its cloud-based storage service.
At least 80 cryptocurrency wallets have been identified as compromised as a result of the hack by ZachXBT and MetaMask developer Taylor Monahan.A list released by Monahan claims that money has been stolen from the blockchains of Bitcoin, Ethereum, BNB, Arbitrum, Solana, and Polygon.
“Cannot stress this enough, if you believe you may have ever stored your seed phrase or keys in LastPass migrate your crypto assets immediately,” ZachXBT wrote on X, formerly Twitter.
Hackers frequently target cryptocurrency wallets because obtaining a private key, which grants them full access to funds, is a common attack vector.Through a series of hacks and exploits in July, cryptocurrency users had over $300 million stolen from them.According to cybersecurity journalist Brian Krebs, the LastPass breach resulted in the theft of cryptocurrency valued at over $35 million.