News: 0176667009


Feds Link $150M Cyberheist To 2022 LastPass Hacks (krebsonsecurity.com)

(Monday March 10, 2025 @12:52PM (msmash) from the epicenter-of-the-mess dept.)


[1]AmiMoJo writes:

> In September 2023, KrebsOnSecurity [2]published findings from security researchers who concluded that a series of six-figure cyberheists across dozens of victims resulted from thieves cracking master passwords stolen from the password manager service [3]LastPass in 2022. In a court filing last week, U.S. federal agents investigating a spectacular $150 million cryptocurrency heist said [4]they had reached the same conclusion.

>

> On March 6, federal prosecutors in northern California said they seized approximately $24 million worth of cryptocurrencies that were clawed back following a $150 million cyberheist on Jan. 30, 2024. The complaint refers to the person robbed only as 'Victim-1,' but according to blockchain security researcher ZachXBT the theft was perpetrated against Chris Larsen, the co-founder of the cryptocurrency platform Ripple.

>

> ZachXBT was the first to report on the heist, of which approximately $24 million was frozen by the feds before it could be withdrawn. This week's action by the government merely allows investigators to officially seize the frozen funds. But there is an important conclusion in this seizure document: It basically says the U.S. Secret Service and the FBI agree with the findings of the LastPass breach story published here in September 2023.



[1] https://slashdot.org/~AmiMoJo

[2] https://krebsonsecurity.com/2023/09/experts-fear-crooks-are-cracking-keys-stolen-in-lastpass-breach/

[3] https://tech.slashdot.org/story/22/08/26/1725223/lastpass-hackers-stole-source-code

[4] https://krebsonsecurity.com/2025/03/feds-link-150m-cyberheist-to-2022-lastpass-hacks/



BRIAN ROCKS (Score:1)

by gavron ( 1300111 )

So KrebsOnSecurity rocks. Brian knows his stuff 100%. He's not a Russian troll.

I'm "curious" how "the feds" "froze" crypto. It's missing from this /. summary.

Can anyone explain how "the feds" "froze" crypto? And of course how that proves crypto is decentralized.

Re: (Score:2)

by mysidia ( 191772 )

I'm "curious" how "the feds" "froze" crypto. It's missing from this /. summary.

If money was deposited to an account on a crypto exchange, and the exchange finds it suspicious or the government orders them, then transfers out of that account will be frozen.

Similarly the feds can identify certain wallet addresses to all the crypto exchanges to have any funds deposited from those addresses immediately placed on hold - when they try to deposit crypto to an exchange account in order to sell it: The deposit wil

Re: (Score:2)

by gweihir ( 88907 )

"Frozen" crapto typically means one of two things:

1) The crapto was with an exchange and the exchange froze it on request because they are afraid of the feds. That works because the crapto is in a wallet controlled by the exchange at that time.

2) (A "soft freeze") The feds let it be known that they know where the crapto is and that they would take it very much amiss if any exchange were to be willing to touch that crapto. That works because it becomes very difficult to move that crapto.

In both cases, it is

Re: (Score:2)

by bill_mcgonigle ( 4333 ) *

Not your keys, not your coins.

Exchanges are like having a demand-deposit account at a bank.

Re: (Score:2)

by AmiMoJo ( 196126 )

Presumably they just contacted the exchanges that convert crypto to real money and told them not to cash out that particular wallet.

Maybe secure passwords better in this case? (Score:3)

by gweihir ( 88907 )

When protecting a lot? I mean TOTP keychain or card is something like $25 and a hardware password manager with USB that pretends to be a keyboard is below $100. Both are not easy to attack.

Who'd have thunk it (Score:1)

by Bold_Cucumber ( 458278 )

You mean uploading all your passwords to the cloud may not have been the best idea? SHOCKING

Re: (Score:2)

by bill_mcgonigle ( 4333 ) *

I left LP when someone here pointed out that the metadata (e.g.) site names were stored in cleartext.

I disbelieved the comment and went to debunk it.

I was instead horrified.

If you know the site name you know where to spend your $$$ cracking.

I wonder what the disclosure delay was vs. if he didn't change his important passwords.
