breach · International · BleepingComputer

LastPass 2022 Breach Linked to $35M+ Crypto Thefts & Laundering

Friday, January 2, 2026

What

Attackers used the 2022 LastPass breach to steal encrypted password vaults, then cracked weak master passwords offline to extract cryptocurrency wallet private keys. This matters because it demonstrates the long-term impact of data breaches and the sophisticated methods used to decrypt stolen data and launder funds.

Where

LastPass customers, cryptocurrency wallets, Russian-linked exchanges (Cryptex, Audi6).

When

Breach disclosed in 2022; crypto thefts occurred in waves in late 2024 and throughout 2025.

Key Factors

  • The thefts are linked to the offline cracking of encrypted LastPass vaults stolen in 2022, targeting users with weak master passwords to extract cryptocurrency private keys.
  • Attackers employed sophisticated laundering techniques, converting stolen crypto to Bitcoin, routing it through Wasabi Wallet's CoinJoin, and then cashing out via Russian-linked exchanges.
  • TRM Labs successfully "demixed" CoinJoin transactions by analyzing behavioral characteristics, enabling the tracing of over $35 million in stolen funds to Russian-based operational control.

Takeaways

  • Users of password managers must employ strong, unique master passwords and enable multi-factor authentication to protect against offline cracking of stolen vaults.
  • Cryptocurrency users should store private keys offline or in hardware wallets, separate from password managers, to mitigate risks from such breaches.
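
Added example (not from the BleepingComputer article): a small audit that shows why master-password strength decides the outcome once an encrypted vault has been stolen and can be guessed against offline. It assumes a PBKDF2-style iterated key derivation; the iteration counts, attacker hash rate, sample passwords and all function names are illustrative assumptions.

```python
import math
import string

# Assumptions (not from the article): the vault key comes from an iterated
# KDF such as PBKDF2-HMAC-SHA256, so one guess costs `iterations` hashes.
ASSUMED_HASHES_PER_SEC = 1e10  # hypothetical attacker rig
ASSUMED_ITERATIONS = (5_000, 100_000, 600_000)  # illustrative settings
COMMON_PASSWORDS = {"password1", "letmein123", "qwerty2022"}  # constructed
CHAR_CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
                string.digits, string.punctuation + " ")


def entropy_bits(password):
    """Upper bound on guessing entropy; patterned passwords score far lower."""
    if password.lower() in COMMON_PASSWORDS:
        return 0.0  # dictionary hit: falls within the first guesses
    pool = sum(len(cls) for cls in CHAR_CLASSES
               if any(ch in cls for ch in password))
    return len(password) * math.log2(pool) if pool else 0.0


def expected_crack_seconds(bits, iterations, hashes_per_sec=ASSUMED_HASHES_PER_SEC):
    """Average offline search time: half the keyspace at the stretched rate."""
    guesses_per_sec = hashes_per_sec / iterations
    try:
        return (2.0 ** bits / 2) / guesses_per_sec
    except OverflowError:  # keyspace too large for a float
        return math.inf


def audit(password, iteration_settings=ASSUMED_ITERATIONS):
    """Map each KDF iteration count to the expected offline cracking time."""
    bits = entropy_bits(password)
    return {it: expected_crack_seconds(bits, it) for it in iteration_settings}


def humanize(seconds):
    for unit, size in (("years", 31_557_600), ("days", 86_400), ("hours", 3_600)):
        if seconds >= size:
            return f"{seconds / size:,.1f} {unit}"
    return f"{seconds:,.2f} seconds"


if __name__ == "__main__":
    # Constructed sample master passwords, weakest first.
    for pw in ("password1", "hunter42", "correct horse battery staple"):
        for it, secs in audit(pw).items():
            print(f"{pw!r:32} iterations={it:>7,}  ~{humanize(secs)}")
```

Raising the iteration count only scales the attacker's cost linearly, while each added character of a random master password multiplies it, which is why the weak-password vaults were the ones that fell.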