Low Interest Rates Cause Currency Issues in Developing Economies
Philippines Considers TikTok Ban for National Security
Volvo Trucks Cutting Jobs in Umeå: 400 Employees Affected
Swedish Pension Fund's Legal Head Leaves Amid SVB Loss Controversy
Volkswagen Cutting Jobs at Uncompetitive VW Brand
High Immigration Levels Fail to Solve UK Labor Shortages and Inflation
Swedish Landlord SBB Buys Back €417 Million in Bonds to Improve Finances
Europe Boosts Diesel Imports from India Amid Russian Oil Ban
German, French, and South African Firms Eye Angola's Luanda Airport
Last update: 31 oktober 2023
On October 25th, hackers stole $4.4 million in cryptocurrency by getting hold of private keys and passphrases stored in stolen LastPass databases. This information was discovered by crypto researchers ZachXBT and Taylor Monahan, who have been investigating similar crypto thefts.
They have found a common factor among victims: they all used LastPass for managing their passwords. In 2022, LastPass experienced two security breaches. During these breaches, attackers accessed source code, customer data, and cloud backups, which included encrypted password vaults. LastPass assured its customers that their vaults were secure as long as they had strong master passwords.
However, those with weaker passwords were advised to reset them because they were more vulnerable to being cracked by specialized programs. Monahan and ZachXBT suspect that the hackers are decrypting the stolen password vaults to access cryptocurrency wallet passphrases, credentials, and private keys. With this information, the hackers can move the funds into their own wallets.
Research suggests that these attackers may be responsible for more than $35 million in crypto thefts. Therefore, it is crucial for LastPass users who had accounts during the August and December 2022 breaches to reset all their passwords, including the master password.
Source: Bleeping Computer