According to blockchain investigator Zachxbt, the total theft has skyrocketed to $12.38 million from more than 100 wallet addresses. This theft was carried out by attackers connected to the 2022 Lastpass password manager debacle, which exposed sensitive customer data.

The cunning thieves swapped the stolen crypto for ether (ETH), then converted it into bitcoin (BTC) using various instant exchange platforms. “Stolen funds were swapped for ETH and transferred to various instant exchanges from Ethereum to Bitcoin,” Zachxbt revealed in his Telegram group called ‘Investigations by Zachxbt.’

This latest heist is a continuation of the fallout from the Lastpass security incident. During the 2022 breach, attackers infiltrated encrypted vaults, customer keys, and API tokens, compromising users’ private information, which has now been exploited in multiple thefts.

Zachxbt had previously identified two waves of attacks associated with the Lastpass breach: one in Oct. 2023, where $4.4 million was stolen, and another in Feb. 2024, with victims losing over $6.2 million. This latest development shows just how vulnerable users are when they store seed phrases or wallet keys in Lastpass accounts.

In light of this update, many crypto proponents have urgently advised users to act if they suspect their wallet credentials were stored in Lastpass. This breach serves as a stark reminder of the perils of using centralized password management tools. As the attacks continue to mount, crypto holders are urged to secure their assets with offline storage and decentralized solutions to avoid further losses.

免责声明：本文章仅代表作者个人观点，不代表本平台的立场和观点。本文章仅供信息分享，不构成对任何人的任何投资建议。用户与作者之间的任何争议，与本平台无关。如网页中刊载的文章或图片涉及侵权，请提供相关的权利证明和身份证明发送邮件到support@aicoin.com，本平台相关工作人员将会进行核查。