- LastPass Vaults Stolen in 2022 Breach Still Being Cracked, Allowing Crypto Theft Years Later
- TRM Labs reports ~$35 million theft, with funds laundered through mixing services
- MetaMask’s previous findings suggest that actual losses may be closer to $100 million as seed phrases remain the primary targets.
The LastPass data breach, which occurred more than three years ago, is still enabling cryptocurrency theft. Cybercriminals have stolen approximately $35 million to date by cracking stolen LastPass vaults, researchers said.
In August 2022, LastPass (which was considered one of the best password managers out there at the time) suffered a data breach that allowed attackers to get away with people’s password vaults.
These are essentially encrypted folders where users store their passwords and other secrets, guarded by a master password. Without that master password, the folder cannot be decrypted and its contents cannot be read.
Stealing seed phrases
That doesn’t mean attackers can’t try to break in by brute force, using specialized hardware and software. If the master password is relatively weak (a simple combination, for example), they may be able to crack it: “Depending on the length and complexity of your master password and your iteration count settings, you may want to reset your master password,” LastPass warned at the time of the breach.
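The following is an added example, not code from LastPass or TRM Labs: it shows how master password strength and iteration count together set the cost of an offline guessing attack, which is the basis of the reset advice quoted above. The PBKDF2-HMAC-SHA256 derivation, the attacker throughput, the 1,000-year threshold and all sample passwords and iteration counts are assumptions constructed for illustration.

```python
import hashlib
import math

SECONDS_PER_YEAR = 365.25 * 24 * 3600
ASSUMED_ROUNDS_PER_SEC = 1e10  # constructed attacker throughput in PBKDF2 rounds/s

def derive_vault_key(master_password: str, salt: bytes, iterations: int) -> bytes:
    """Each guess costs the attacker one full derivation (assumed PBKDF2-HMAC-SHA256)."""
    return hashlib.pbkdf2_hmac("sha256", master_password.encode("utf-8"),
                               salt, iterations, dklen=32)

def entropy_upper_bound_bits(password: str) -> float:
    """length * log2(alphabet size). This is an upper bound: dictionary words
    and keyboard patterns fall far faster than the figure suggests."""
    alphabet = 0
    if any(c.islower() for c in password):
        alphabet += 26
    if any(c.isupper() for c in password):
        alphabet += 26
    if any(c.isdigit() for c in password):
        alphabet += 10
    if any(not c.isalnum() for c in password):
        alphabet += 33  # printable ASCII symbols, including space
    return len(password) * math.log2(alphabet) if alphabet else 0.0

def expected_offline_years(entropy_bits: float, iterations: int,
                           rounds_per_sec: float = ASSUMED_ROUNDS_PER_SEC) -> float:
    """Expected time to hit the password: half the keyspace at rate/iterations guesses/s."""
    guesses_per_sec = rounds_per_sec / iterations
    expected_guesses = 2 ** (entropy_bits - 1)
    return expected_guesses / guesses_per_sec / SECONDS_PER_YEAR

def should_reset(password: str, iterations: int,
                 rounds_per_sec: float = ASSUMED_ROUNDS_PER_SEC,
                 min_years: float = 1000.0) -> bool:
    """Flag a vault whose best-case resistance is under min_years (assumed policy)."""
    years = expected_offline_years(entropy_upper_bound_bits(password),
                                   iterations, rounds_per_sec)
    return years < min_years

if __name__ == "__main__":
    # Constructed sample passwords and iteration counts.
    for pw in ("sunshine1", "k7#Qz!mP2vX9@rLw4$Tn"):
        for iters in (5_000, 600_000):
            bits = entropy_upper_bound_bits(pw)
            years = expected_offline_years(bits, iters)
            print(f"{pw!r:26} iters={iters:>7} bits<={bits:6.1f} "
                  f"years<={years:.3g} reset={should_reset(pw, iters)}")
```

Raising the iteration count only scales the cost linearly, so it cannot rescue a short or guessable master password on a vault that has already been copied.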
Blockchain analysis firm TRM Labs has published a new report, saying that cybercriminals managed to break into many of these vaults containing seed phrases: strings of 12 or 24 words that allow users to load a cryptocurrency wallet into a new account and access all the funds found inside.
“The link in the report is not based on direct attribution to individual LastPass accounts, but rather on correlation of subsequent on-chain activity with the known impact pattern of the 2022 breach,” TRM told BleepingComputer. “That created a scenario where portfolio drains would occur long after the original breach, rather than immediately, and in different waves.”
TRM Labs also said that criminals stole all types of cryptocurrencies, converted them into bitcoins, and then attempted to cover their tracks using mixing services (essentially cryptocurrency laundering tools). Investigators concluded that more than $28 million was stolen and laundered this way in late 2024 and early 2025, and that an additional $7 million was linked to attacks in September 2025.
It’s also worth mentioning that a separate report, published by wallet maker MetaMask in September 2023, said that criminals stole $35 million this way, which could mean the real figure is now closer to $100 million.
TRM says most of the funds were withdrawn using Russian exchanges.
Via BleepingComputer




