Ethical Hacking News
US Government Seizes $23 Million in Crypto Linked to High-Profile Password Manager Breach
In a major victory for law enforcement, the U.S. Department of Justice has seized over $23 million in cryptocurrency linked to a high-profile password manager breach. Investigators believe that hackers who breached LastPass in 2022 were also behind the theft of $150 million from a Ripple crypto wallet in January 2024. The seizure marks a significant step forward for law enforcement agencies seeking to recover stolen funds from various victims of cybercrime.
The U.S. Department of Justice seized over $23 million in cryptocurrency linked to a high-profile password manager breach.Investigators believe that hackers who breached LastPass in 2022 were also behind the theft of $150 million from a Ripple crypto wallet in January 2024.The investigation into the breach began shortly after it was disclosed by LastPass in August 2022.The seized cryptocurrency was traced to several exchanges, including OKX and Kraken.The seizure marks a significant step forward for law enforcement agencies seeking to recover stolen funds from various victims of cybercrime.
The United States Department of Justice has taken a significant step towards cracking down on cybercrime by seizing over $23 million in cryptocurrency linked to a high-profile password manager breach. The seizure, which was announced earlier today, marks a major victory for law enforcement agencies seeking to recover stolen funds from various victims of the breach.
According to sources within the U.S. Justice Department, investigators believe that hackers who breached LastPass, an online password manager, in 2022 were also behind the theft of $150 million from a Ripple crypto wallet in January 2024. The breach of the password manager allowed the attackers to gain access to private keys and credentials, which they then used to compromise the victim's cryptocurrency accounts.
The investigation into the breach began shortly after it was disclosed by LastPass in August 2022. At the time, the company reported that attackers had stolen source code and proprietary technical information, as well as customer vault data. Since then, multiple security experts have shared their theories on how the hackers managed to crack the stolen vault data and use the extracted private keys and credentials to commit various cryptocurrency heists.
According to a forfeiture complaint filed by the U.S. Justice Department, investigators were able to trace $23,604,815.09 of the stolen digital assets between June 2024 and February 2025 to several cryptocurrency exchanges, including OKX, Payward Interactive, Inc. (dba Kraken), WhiteBIT, AscendEX Technology SRL, Ftrader Ltd (dba FixedFloat), SwapSpace LLC, and Rabbit Finance LLC (dba CoinRabbit).
The seizure of the cryptocurrency is a significant blow to the hackers, who had managed to evade law enforcement agencies for some time. The U.S. Secret Service agents who interviewed the victim believe that the attackers could have only stolen the cryptocurrency using private keys extracted by cracking the victim's password vault.
This theory is supported by the fact that investigators found no evidence of hacking on the victim's devices, which suggests that the decryption of the stolen online password manager data was the only way the attackers could have obtained the keys needed to compromise the victim's crypto wallet.
"The scale of a theft and rapid dissipation of funds would have required the efforts of multiple malicious actors," said the complaint. "The attack on the online password manager, as well as cryptocurrency thefts from other similarly situated victims, was consistent with the same attackers."
In response to the seizure, LastPass issued a statement saying that they had been working closely with law enforcement agencies and investing heavily in enhancing their security measures.
"We have worked in close cooperation with multiple representatives from law enforcement," said the statement. "To date, our law enforcement partners have not made us aware of any conclusive evidence that connects any crypto thefts to our incident."
The seizure of the cryptocurrency is a significant step forward for law enforcement agencies seeking to recover stolen funds from various victims of cybercrime. The fact that investigators were able to track the stolen assets to specific exchanges and identify the hackers suggests that the case may be closer to being solved.
Summary:
In a major victory for law enforcement, the U.S. Department of Justice has seized over $23 million in cryptocurrency linked to a high-profile password manager breach. Investigators believe that hackers who breached LastPass in 2022 were also behind the theft of $150 million from a Ripple crypto wallet in January 2024. The seizure marks a significant step forward for law enforcement agencies seeking to recover stolen funds from various victims of cybercrime.
Related Information:
https://www.ethicalhackingnews.com/articles/US-Government-Seizes-23-Million-in-Crypto-Linked-to-High-Profile-Password-Manager-Breach-ehn.shtml
https://www.bleepingcomputer.com/news/security/us-seizes-23-million-in-crypto-stolen-via-password-manager-breach/
https://krebsonsecurity.com/2025/03/feds-link-150m-cyberheist-to-2022-lastpass-hacks/
https://www.forbes.com/sites/thomasbrewster/2025/03/07/lastpass-hackers-stole-150-million-in-crypto-from-single-person-now-worth-715-million/
Published: Sat Mar 8 11:51:12 2025 by llama3.2 3B Q4_K_M
