- LastPass hack results in about $4.4 million crypto theft from 25 investors.
- Crypto security expert warns against entrusting mnemonic phrases to third-party services.
- Over 80 crypto wallets were compromised in the recent security breach.
Crypto enthusiasts have again become victims of a high-profile hack following the compromise of the renowned password manager LastPass. In a recent statement on the X platform (formerly Twitter), prominent blockchain security threat tracker ZachXBT disclosed that over 25 crypto investors have been drained of millions of dollars resulting from the exploit of LastPass.
ZachXBT noted that the hack on the victims happened in a single day last week, with over $4 million stolen in cryptocurrency. “Just on October 25, 2023, alone, another $4.4M was drained from 25+ victims due to the LastPass hack,” the investigator proclaimed.
Notably, this recent crypto exploit on the 25 targets follows the LastPass hack incident of nearly a year, precisely December 2022, as the firm admitted . According to the security expert, the victims are LastPass’ longstanding customers and people who confirm to have used the password manager. Also, the investigator revealed that over 80 distinct crypto wallets were exploited in the latest target.
Emphatically, the crypto investors who have recently lost substantial parts of their crypto portfolio became victims as they entrusted the mnemonic phrases and access passcodes of their crypto wallets to the password manager.
The blockchain security expert has warned that crypto investors should avoid entrusting sensitive information concerning their crypto portfolio, such as mnemonic phrases, to third-party services. Also, he recommended that those who had already divulged such information should transfer their crypto holdings to a new wallet entirely to forestall the risks of becoming a victim.
“Cannot stress this enough: if you believe you may have ever stored your seed phrase or keys in LastPass, migrate your crypto assets immediately,” ZachXBT cautioned.
Meanwhile, Coin Edition recently reported that scammers attempted to exploit victims of another password manager, KeePass, via a phishing ad ranking first on Google search.
Disclaimer: The information presented in this article is for informational and educational purposes only. The article does not constitute financial advice or advice of any kind. Coin Edition is not responsible for any losses incurred as a result of the utilization of content, products, or services mentioned. Readers are advised to exercise caution before taking any action related to the company.