US Authorities Uncover $23 Million Crypto Heist Linked to LastPass Breach

U.S. authorities have made a significant breakthrough in their investigation into a massive cryptocurrency heist, seizing over $23 million in digital assets linked to the theft of $150 million from a Ripple crypto wallet in January 2024.

According to investigators, hackers who breached LastPass, a popular online password manager, in 2022 were behind the attack. The attackers allegedly stole sensitive data and passwords stored in several victims' password manager accounts, using them to access their electronic accounts and steal information, cryptocurrency, and other valuable data.

Forcedce Complaint Reveals Crypto Theft Connection

A forfeiture complaint unsealed by the U.S. Justice Department reveals that law enforcement agents traced $23,604,815.09 of the stolen digital assets to several cryptocurrency exchanges, including OKX, Payward Interactive, Inc., WhiteBIT, AscendEX Technology SRL, Ftrader Ltd, SwapSpace LLC, and Rabbit Finance LLC.

investigators believe the attackers could have only stolen the cryptocurrency using private keys extracted by cracking the victim's password vault. The seized digital assets were obtained through a complex chain of transactions that led U.S. Secret Service agents to suspect that the same hackers who breached LastPass were behind the attack.

Detailed Timeline of Events

The investigation into the $23 million crypto heist reveals that the attackers exploited vulnerabilities in the victim's password manager, which was hit by "two major data breaches" in August 2022 and November 2022. This timeline aligns with security breaches disclosed by LastPass three years ago when the company said that attackers stole source code and proprietary technical information, as well as customer vault data.

Security experts have long suspected that the LastPass hackers had cracked some of the stolen vault data and used the extracted private keys and credentials in major cryptocurrency heists. The investigators' findings corroborate these suspicions, suggesting a clear link between the LastPass breach and the $150 million cryptocurrency theft from Ripple co-founder Chris Larsen's XRP wallet.

Law Enforcement Connection

ZachXBT, a crypto fraud investigator, first linked the $23 million in cryptocurrency seized this week to the hack of Larsen's XRP wallet. His findings were corroborated by investigators who believe that U.S. Secret Service agents interviewed the victim and found evidence pointing to the same hackers who breached LastPass.

While investigators did not identify the victim, the details of the investigation reveal a complex web of transactions and hacking efforts. The seizure of $23 million in cryptocurrency is a significant victory for law enforcement, demonstrating their ability to track down and recover stolen digital assets.

LastPass Response

LastPass issued a statement saying that since disclosing the incident back in 2022, they have been working closely with law enforcement agencies. However, their spokesperson noted that "to date, our law enforcement partners have not made us aware of any conclusive evidence connecting any crypto thefts to our incident."

Despite this response, investigators believe that the seized cryptocurrency and other digital assets can provide valuable insights into the hacking methods used by attackers. The investigation continues, with authorities working to unravel the complex chain of transactions and identify those responsible for the $23 million crypto heist.