In a shocking twist just days before Christmas, the notorious LastPass hackers have targeted another 40 victims, stealing a massive $5.36 million in crypto.
This comes as part of a string of attacks following the December 2022 data breach, where hackers accessed encrypted vault data, compromising users’ private keys and seed phrases.
The total stolen so far now exceeds $45 million, including a $4.4 million theft from October. In the latest attack, blockchain investigator ZachXBT tracked the stolen funds, which were converted to Ether and moved through various exchanges.
This serves as a harsh reminder for anyone who stored crypto on LastPass before 2023 to move their assets immediately, as hackers are still active.
The LastPass hacks are just the latest in a surge of scams during the holiday season, often referred to as “hacker season.” Blockchain security experts, including the SEAL team, have warned users to transfer their funds before hackers do it for them.
It’s also important to stay alert for scams during this festive period, with Meta and Cyvers both cautioning against fraudulent gift offers, fake discounts, and phishing attempts.
This wave of cybercrime highlights the increasing need for vigilance, particularly with crypto. As scammers target the holiday shopping rush, users are urged to safeguard their assets by moving them from LastPass and avoiding suspicious links or deals.
