Cybercriminals have struck at LastPass users again, taking more than $5.36 million just a week before Christmas. This incident is part of a series of attacks dating back to the major data breach of December 2022. Since then, nearly $45 million worth of cryptocurrency has been stolen, new on-chain analysis shows.
What happened?
In December 2022, scammers managed to copy backups of LastPass customer vault data from encrypted storage. Although the data itself was encrypted, experts point out that private keys and seed phrases stored in LastPass before 2023 could be vulnerable.
Blockchain researcher ZachXBT published new evidence on December 17 about the recent thefts via the Chainabuse platform. According to him, the stolen funds were immediately converted into Ether and distributed via instant exchanges.
Experts sound the alarm
The Security Alliance (SEAL) hacker team is warning former LastPass users to transfer their cryptocurrency to a secure wallet as soon as possible. Blockchain sleuth Tey estimates that earlier this year, in May, $250 million in funds was stolen from tens of thousands of victims. Both experts emphasize that proactive action is crucial to prevent further losses.
Increase in cybercrime during the holidays
Security company Cyvers reports a marked increase in cyber attacks in the run-up to Christmas. “It’s peak season for hackers,” Cyvers warns. They advise:
- Never share 2FA codes.
- Beware of suspicious offers and discounts.
- Do not connect to unsecured Wi-Fi networks.
Meta also warns users of Facebook, Instagram and WhatsApp against fake promotions aimed at holiday shoppers. These scams include misleading gift box offers, fake party decorations and fake coupons.
Crypto hackers seize their chance
After a notable 53% drop in crypto scams in November, to $9.3 million, hackers now appear to be regaining ground. Cybersecurity experts warn that the holidays bring additional risks and call on users to strengthen their digital security.
Protect your cryptocurrency now
LastPass users are advised to:
- Directly checking their seed phrases and private keys.
- Transfer funds to more secure wallets.
- Using additional security measures such as hardware wallets.
The latest wave of attacks highlights the importance of storing sensitive data securely. For LastPass users, don’t wait any longer and take action to protect your cryptocurrency today.
Source: https://newsbit.nl/lastpass-gebruikers-opnieuw-doelwit-536-miljoen-aan-cryptovaluta-gestolen-vlak-voor-kerst/
