A $ 150 million robbery targeting ripple co-founder Chris Larsen was traced back to a security lapse involving password manager LastPass, according to a Forfeiture complaint filed by US law enforcement in March 6 flagged by blockchain Sleuth ZachxBT.
ZachXBT shared that the complaint was detailed as to how Larsen’s private keys – or code to access one’s token holders – were stored in the LastPass, the widely used password manager who suffered a major violation of 2022.
At this time, hackers stole the source code and technical data by compromising a developer’s account. Through that year’s November, they used this accessibility to enter a cloud storage system, stealing the customer’s password vaults and not being metadata for approximately 25 million users.
Although the ‘vaults’ are encrypted, weak or re-used master’s passwords can be brute-port, exposing stored data.
Hackers took advantage of this weakness, accessing Larsen’s keys and stopping the XRP, worth $ 150 million at the time of theft and over $ 600 million up to Saturday prices.
“A Forfeiture complaint filed yesterday by U.S. law enforcement revealed the reason for the ~ $ 150m (283m XRP) hack of the ripple co-founder, Chris Larsen’s purse in January 2024 was the result of storing private keys in the lastpass (password manager hacked in 2022),” Zachxbt wrote to his telegram in 2022)), ” Manager.
“To this point Chris Larsen has not revealed the cause of the robbery,” he added.
Larsen confirmed the incident in January, where he clarified the hack that only affects his personal accounts, not Ripple’s corporate wallets. He has not yet commented on the public in the forfeiture notice.
The fall from 2022 LastPass Hack is wide and remains continuous. In December, the Security Alliance (SEAL), a team of cybersecurity experts dedicated to the crypto market, Attached Crypto losses connected to the violation touched at least $ 250 million to May 2024.
