https://bit.ly/49eY2ng - 🔒 A recent report reveals that hackers have misappropriated $4.4 million in cryptocurrency, leveraging private keys and passphrases extracted from stolen LastPass databases. This alarming incident was uncovered by crypto fraud researchers, including ZachXBT and MetaMask developer Taylor Monahan. Their investigation found that over 25 victims were impacted due to a LastPass breach that occurred in 2022. #CyberSecurity #LastPassBreach #CryptoTheft 🕵️‍♂️ In 2022, LastPass experienced two significant security breaches, resulting in the theft of source code, customer data, and encrypted password vaults from cloud services. At that time, LastPass CEO Karim Toubba assured users that the encrypted vaults were secure, provided they used strong master passwords. However, the company advised those with weaker passwords to reset their master passwords, acknowledging the risks of easier password cracking. #DataBreach #PasswordSecurity #LastPass 💻 The research conducted by Monahan and ZachXBT suggests that the attackers cracked these stolen password vaults to access stored cryptocurrency wallet passphrases, credentials, and private keys. With this information, the hackers could transfer the funds to their devices and deplete the wallets. Brian Krebs's report on this research links over $35 million in thefts to these same threat actors. #DigitalForensics #CryptoWalletSecurity #Hacking 🚨 Monahan's tweets in August indicated a strong correlation between compromised keys and LastPass, highlighting the gravity of the situation. The researchers are confident that the attackers successfully cracked passwords for vaults, exploiting the stolen information for their illicit activities. As a precautionary measure, LastPass users who had accounts during the August and December 2022 breaches are strongly advised to reset all passwords, including their master password.