Russian Networks Linked to Laundering of LastPass Breach's $35M in Stolen Crypto

Italiano

Following the 2022 LastPass data breach, blockchain firm TRM Labs has tied over $35 million in stolen cryptocurrency to Russian cybercriminals, detailing sophisticated laundering via mixers and exchanges persisting into late 2025.

Blockchain intelligence firm TRM Labs has deepened its analysis of the 2022 LastPass breach—previously reported for enabling prolonged crypto thefts—revealing direct ties to Russian cybercriminal networks. The password manager hack exposed user vaults, allowing drainings that continued into late 2025.

Attackers obscured the trail using privacy tools: converting assets to Bitcoin via instant swaps, then mixing through Wasabi Wallet and CoinJoin. TRM Labs de-anonymized these using behavioral analysis, tracking wallet software patterns and digital footprints.

Funds ultimately flowed to Russian platforms, including sanctioned exchange Cryptex and Audi6 ($7M deposited). A 'consistent on-chain signature' indicates a single Russia-based group. This underscores Russian exchanges' role in illicit finance, evading global enforcement amid persistent state-linked threats.

Articoli correlati

Illustration of North Korean hackers in a cyber command center stealing a record $2 billion in cryptocurrency from global exchanges like Bybit.
Immagine generata dall'IA

North Korea steals record $2 billion in cryptocurrency in 2025

Riportato dall'IA Immagine generata dall'IA

North Korean hackers stole a record $2.02 billion in cryptocurrency in 2025, according to a new Chainalysis report, surpassing the previous year's haul by 51 percent and bringing their total to $6.75 billion. The thefts, which accounted for 60 percent of the global total of $3.4 billion stolen, were driven by fewer but larger attacks, including a $1.5 billion breach of the Dubai-based Bybit exchange in February. Experts attribute the success to sophisticated tactics like embedding IT workers in crypto firms and impersonating recruiters.

LastPass 2022 breach enables years of cryptocurrency thefts

A 2022 data breach at password manager LastPass has resulted in prolonged cryptocurrency thefts, according to blockchain intelligence firm TRM Labs. The incident involved stolen user vaults that facilitated around $35 million in losses extending into 2025.

Crypto investor loses $282 million in Trezor wallet scam

Riportato dall'IA

A cryptocurrency investor lost over $282 million in Bitcoin and Litecoin after scammers impersonated Trezor support to steal a recovery seed phrase. The theft, revealed on January 16, 2026, by investigator ZachXBT, involved 1,459 Bitcoin and 2.05 million Litecoin stolen on January 10. The attacker laundered funds through Thorchain and converted them to Monero, causing the privacy coin's price to surge 36%.

Francia

Hackers extort French crypto firm Waltio after stealing user data

Asia

North Korean Lazarus group suspected in Upbit crypto hack

Crypto

Iran's IRGC moved $1 billion through UK crypto exchanges

Losses from crypto hacks drop 60% in December

The cryptocurrency industry experienced a significant reduction in hack-related losses last December, totaling $76 million, according to blockchain security firm PeckShield. This marks a 60% decrease from November's $194.2 million in damages. Despite the improvement, 26 major exploits still occurred, highlighting ongoing vulnerabilities.

Update: Spanish Police Dismantle Transnational Crypto 'Wrench Attack' Ring

Riportato dall'IA

Following initial arrests reported last week, Spanish authorities have charged four more suspects in Denmark, fully dismantling a criminal network behind the April kidnapping and murder of a crypto holder near Málaga. The operation highlights rising 'wrench attacks' on digital asset owners.

Attackers hijack Linux Snap Store apps to steal crypto phrases

Cybercriminals have compromised trusted Linux applications on the Snap Store by seizing expired domains, allowing them to push malware that steals cryptocurrency recovery phrases. Security experts from SlowMist and Ubuntu contributor Alan Pope highlighted the attack, which targets established publisher accounts to distribute malicious updates impersonating popular wallets. Canonical has removed the affected snaps, but calls for stronger safeguards persist.

Nine arrested in Europe over €600 million crypto scam

Riportato dall'IA

European authorities have arrested nine suspects in a multinational operation targeting a cryptocurrency investment fraud network that stole at least €600 million from victims. The late October sweep involved agencies from several countries and resulted in the seizure of cash, cryptocurrency, and luxury items. Victims were lured through deceptive online tactics but could not recover their funds.

27 gennaio 2026 12:08

Chinese-language networks laundered $16.1 billion in crypto in 2025

23 gennaio 2026 02:03

Huge data leak exposes 149 million credentials without protection

13 gennaio 2026 05:14

US official: North Korea stole over $2B in crypto last year to fund weapons

13 gennaio 2026 03:21

Chainalysis 2026 Report: $17 Billion in 2025 Crypto Scams Amid Surging AI Fraud and Hacks

08 gennaio 2026 14:30

Chainalysis 2026 Crypto Crime Report: $154 Billion Surge in 2025 Illicit Crypto Volumes

08 gennaio 2026 01:31

Wrench Attacks on Crypto Holders: Experts Predict 2026 Surge

04 gennaio 2026 12:16

Wrench attacks on crypto holders rise in frequency and violence

01 gennaio 2026 11:23

Trust Wallet confirms second Shai-Hulud supply-chain attack

24 dicembre 2025 06:19

Crypto heists reach record $2.7 billion in 2025

14 dicembre 2025 16:46

Brazil dismantles $500 million crypto money laundering group

 

 

 

Questo sito web utilizza i cookie

Utilizziamo i cookie per l'analisi per migliorare il nostro sito. Leggi la nostra politica sulla privacy per ulteriori informazioni.
Rifiuta