In recent years, LastPass has repeatedly faced security incidents, with the most notable being the cyberattack at the end of 2022. Hackers successfully gained access to LastPass's source code and technical information from its development environment through a compromised employee account. This breach allowed the attackers to obtain login credentials and encryption keys, enabling them to extract data from cloud-stored backups. The stolen information included basic customer account details and related data such as company names, end-user names, billing addresses, emails, phone numbers, and IP addresses used to access LastPass services. Cybercriminals then leveraged this stolen information to drain funds from users' cryptocurrency wallets. Reports indicate that the total amount stolen reached $5.36 million from 40 cryptocurrency wallets.
According to TechRadar, the major LastPass data breach in 2022 paved the way for a series of attacks on users' cryptocurrency wallets, resulting in millions of dollars in stolen funds. The latest attack was discovered by blockchain expert ZachXBT, who revealed that hackers exploited LastPass's security vulnerabilities to infiltrate its cloud storage environment. By gathering critical user information, they launched targeted attacks to steal cryptocurrency. The stolen funds were then converted into Ethereum (ETH) and further laundered through instant exchanges before being transferred into Bitcoin.
Although password vaults stored in LastPass are encrypted, weak or leaked master passwords allowed hackers to use brute-force attacks to crack them. This is considered one of the key factors that led to the theft of cryptocurrency from LastPass users.
Common causes of security breaches
- Insufficiently Secure Storage: Cloud storage protection measures may not be fully encrypted or strong enough to prevent unauthorized access.
- Weak passwords: A weak or previously leaked master password—especially when reused across multiple accounts—creates an easy entry point for hackers to access encrypted data.
- Lack of comprehensive protection: Many LastPass accounts did not enable Multi-Factor Authentication (MFA), increasing the risk of unauthorized access when hackers obtained login credentials.
Expert recommendations for account security
Cybersecurity experts advise users to implement strong password practices by using reliable password generators and managers. To enhance security, users should enable Two-Factor Authentication (2FA) or use security keys, especially for applications that support biometric verification. These measures help protect accounts even if hackers obtain login credentials.
See more: YubiKey two-factor authentication solutionSource: Thanh Nien Newspaper