LastPass 2022 breach enables years of cryptocurrency thefts

Indonesia

A 2022 data breach at password manager LastPass has resulted in prolonged cryptocurrency thefts, according to blockchain intelligence firm TRM Labs. The incident involved stolen user vaults that facilitated around $35 million in losses extending into 2025.

The 2022 breach at LastPass, a popular password management service, compromised user vaults containing sensitive information. This data was exploited by cybercriminals, leading to a series of cryptocurrency thefts that persisted for years. Blockchain analysis company TRM Labs has determined that these stolen credentials enabled approximately $35 million in crypto-related losses, with activities continuing through 2025.

TRM Labs' investigation highlights how the breach provided attackers with access to cryptocurrency wallets and exchange accounts. The firm's findings underscore the long-term risks of data breaches in the cybersecurity landscape, where initial compromises can fuel extended criminal operations. No specific details on the number of affected victims or the exact methods of theft were disclosed in the report.

This case serves as a reminder of the vulnerabilities in password storage solutions and the importance of robust security measures in the digital asset space. As cryptocurrency adoption grows, such incidents emphasize the need for ongoing vigilance against credential-based attacks.

Artikel Terkait

Illustration of North Korean hackers in a cyber command center stealing a record $2 billion in cryptocurrency from global exchanges like Bybit.
Gambar dihasilkan oleh AI

North Korea steals record $2 billion in cryptocurrency in 2025

Dilaporkan oleh AI Gambar dihasilkan oleh AI

North Korean hackers stole a record $2.02 billion in cryptocurrency in 2025, according to a new Chainalysis report, surpassing the previous year's haul by 51 percent and bringing their total to $6.75 billion. The thefts, which accounted for 60 percent of the global total of $3.4 billion stolen, were driven by fewer but larger attacks, including a $1.5 billion breach of the Dubai-based Bybit exchange in February. Experts attribute the success to sophisticated tactics like embedding IT workers in crypto firms and impersonating recruiters.

Russian Networks Linked to Laundering of LastPass Breach's $35M in Stolen Crypto

Following the 2022 LastPass data breach, blockchain firm TRM Labs has tied over $35 million in stolen cryptocurrency to Russian cybercriminals, detailing sophisticated laundering via mixers and exchanges persisting into late 2025.

Penelitian ungkap cacat pada klaim zero-knowledge manajer kata sandi

Dilaporkan oleh AI

Penelitian baru dari ETH Zurich dan USI Lugano mengungkap kerentanan pada manajer kata sandi populer, menantang jaminan mereka bahwa server tidak dapat mengakses brankas pengguna. Studi menganalisis Bitwarden, Dashlane, dan LastPass, mengidentifikasi cara penyerang dengan kendali server dapat mencuri atau memodifikasi data, terutama saat fitur seperti pemulihan akun atau berbagi diaktifkan. Perusahaan mulai menambal masalah sambil membela praktik keamanan keseluruhan mereka.

Teknologi

Platform investasi Betterment kena pelanggaran data

Perancis

Hackers extort French crypto firm Waltio after stealing user data

Kripto

Chainalysis 2026 Report: $17 Billion in 2025 Crypto Scams Amid Surging AI Fraud and Hacks

Trust Wallet confirms second Shai-Hulud supply-chain attack

Trust Wallet has linked a second Shai-Hulud supply-chain attack to a hack on its Chrome extension, resulting in the theft of about $8.5 million in cryptocurrency. The incident involved a malicious version of the extension that exfiltrated users' sensitive wallet data. The company rolled back the compromised software and committed to reimbursing affected users.

Pelanggaran data ungkap detail kartu kredit lebih dari 5,6 juta orang

Dilaporkan oleh AI

Pelanggaran data signifikan telah membahayakan informasi kartu kredit lebih dari 5,6 juta individu. Insiden ini melibatkan 700Credit, di mana data dicuri melalui integrasi API pihak ketiga. Detailnya muncul dalam laporan terbaru tentang ancaman keamanan siber.

Peretas curi data jutaan pengguna Pornhub untuk pemerasan

Peretas telah mengakses dan mencuri informasi pribadi dari jutaan pengguna Pornhub, bertujuan menggunakan data tersebut untuk skema pemerasan. Insiden ini disorot dalam ringkasan berita keamanan WIRED.

Scammers target Trezor and Ledger users with fake mail letters

Dilaporkan oleh AI

Threat actors are mailing physical letters impersonating Trezor and Ledger to trick cryptocurrency hardware wallet users into revealing recovery phrases. The letters create urgency by claiming mandatory checks are required to avoid losing wallet access. Victims scanning included QR codes are directed to phishing sites that steal their wallet information.

23 Maret 2026 09.31

Peneliti temukan kunci API yang bocor di hampir 10.000 situs web

02 Maret 2026 06.16

Polisi Korea Selatan kehilangan 5 juta dolar AS kripto yang disita setelah bocorkan detail dompet

04 Februari 2026 20.07

Pelanggaran data China yang diduga bocorkan 8,7 miliar catatan

23 Januari 2026 02.03

Kebocoran data besar ungkap 149 juta kredensial tanpa perlindungan

21 Januari 2026 17.17

Penyerang rampas aplikasi Snap Store Linux untuk mencuri frasa kripto

17 Januari 2026 01.38

Crypto investor loses $282 million in Trezor wallet scam

08 Januari 2026 01.31

Wrench Attacks on Crypto Holders: Experts Predict 2026 Surge

04 Januari 2026 12.16

Wrench attacks on crypto holders rise in frequency and violence

01 Januari 2026 18.36

Losses from crypto hacks drop 60% in December

24 Desember 2025 06.19

Crypto heists reach record $2.7 billion in 2025

 

 

 

Situs web ini menggunakan cookie

Kami menggunakan cookie untuk analisis guna meningkatkan situs kami. Baca kebijakan privasi kami untuk informasi lebih lanjut.
Tolak