Russian Networks Linked to Laundering of LastPass Breach's $35M in Stolen Crypto

English

Following the 2022 LastPass data breach, blockchain firm TRM Labs has tied over $35 million in stolen cryptocurrency to Russian cybercriminals, detailing sophisticated laundering via mixers and exchanges persisting into late 2025.

Blockchain intelligence firm TRM Labs has deepened its analysis of the 2022 LastPass breach—previously reported for enabling prolonged crypto thefts—revealing direct ties to Russian cybercriminal networks. The password manager hack exposed user vaults, allowing drainings that continued into late 2025.

Attackers obscured the trail using privacy tools: converting assets to Bitcoin via instant swaps, then mixing through Wasabi Wallet and CoinJoin. TRM Labs de-anonymized these using behavioral analysis, tracking wallet software patterns and digital footprints.

Funds ultimately flowed to Russian platforms, including sanctioned exchange Cryptex and Audi6 ($7M deposited). A 'consistent on-chain signature' indicates a single Russia-based group. This underscores Russian exchanges' role in illicit finance, evading global enforcement amid persistent state-linked threats.

Related Articles

North Korean hackers steal $6 billion in crypto since 2017

North Korean state-backed hackers have stolen more than $6 billion in cryptocurrency since 2017, accounting for 76% of all crypto hack losses in 2026. The groups, including Lazarus and DPRK, drained $577 million from DeFi platforms in April alone. TRM Labs highlighted a shift to sophisticated tactics, including in-person social engineering.

Moldova alleges $107 million crypto scheme to influence elections

Reported by AI

Moldova's Anticorruption Center has alleged a $107 million cryptocurrency scheme aimed at influencing elections. Blockchain analysis firm TRM Labs identified connections to a Russia-backed operation that pays agitators using digital currencies.

Crypto

U.S. Treasury sanctions Russian network for crypto-funded cyber tool theft

Crime

Russian court sentences three to five years for crypto robbery attempt

Crypto

Russia may block major crypto exchanges this summer

French police link crypto kidnappings to overseas kingpins

A leaked French police report reveals that overseas criminal masterminds are behind many recent cryptocurrency-related kidnappings in France. Between July 2023 and the end of 2025, authorities recorded 40 such organized cases, with more than half targeting crypto holders or sector workers. Victims, mostly young men flaunting their wealth online, face rising threats coordinated through local recruiters.

May 16, 2026 17:25

Thorchain opens refund portal after $10 million exploit

May 14, 2026 13:53

Tether and partners freeze $450 million in illicit crypto funds

May 12, 2026 21:15

North Korea linked to majority of 2025 crypto hack losses

March 02, 2026 06:16

South Korean police lose $5 million in seized crypto after leaking wallet details

February 23, 2026 06:32

Elliptic reports ongoing sanctions evasion by Russia-linked crypto platforms

This website uses cookies

We use cookies for analytics to improve our site. Read our privacy policy for more information.
Decline