Security experts allege that some of the LastPass password vaults, which were stolen in a security breach towards the end of 2022, have now been successfully breached, leading to a series of substantial cryptocurrency thefts.
According to cybersecurity blogger Brian Krebs, a group of researchers has uncovered compelling evidence linking over 150 victims of crypto theft to the LastPass service. The combined value of the stolen cryptocurrency is estimated to be over $35 million, with a frequency of two to five high-value heists occurring each month since December 2022.
Taylor Monahan, the lead product manager at MetaMask, a cryptocurrency wallet company, and a prominent figure in the investigation, noted that the common denominator among the victims was their prior use of LastPass to safeguard their “seed phrase” – a confidential digital key necessary to access cryptocurrency investments.
These keys are typically stored on secure platforms like password managers to thwart unauthorized access to crypto wallets. Furthermore, the pilfered funds were traced to the same blockchain addresses, further solidifying the connection between the victims.
LastPass, a password management service, experienced two known security breaches in August and November of the previous year.
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: