TL;DR
- On-chain researcher ZachXBT uncovered a $5.36 million wallet-draining attack linked to the 2022 LastPass data breach, affecting over 40 wallets.
- The attackers, identified as the “LastPass threat actor,” gained full control of private keys and moved the stolen funds to the FixedFloat swap service.
- Victims included crypto influencers and active DeFi users, with ZachXBT advising users to abandon potentially exposed wallets to protect their assets.

On-chain researcher ZachXBT has uncovered another significant wallet-draining attack, this time involving $5.36 million worth of Bitcoin and Ethereum assets. The attack, which affected over 40 wallets, has been linked to the infamous LastPass data breach, highlighting the ongoing vulnerabilities in the cryptocurrency space.
Details of the Attack
The wallets targeted in this attack were all connected to the LastPass data breach that occurred in 2022. The attackers, identified by ZachXBT as the “LastPass threat actor,” managed to drain the wallets by gaining full control of the private keys. The stolen funds were then swiftly moved to the FixedFloat swap service, indicating a well-coordinated effort to obscure the trail of the stolen assets.
Impact on Wallet Owners
The victims of this attack include a mix of crypto influencers, active DEX and DeFi users, and even some with ENS names. Despite their experience, these wallet owners suffered total losses due to the attackers’ ability to monitor and drain the wallets immediately after any incoming transactions. In one notable case, funds received from an OpenSea user, potentially from an NFT sale, were quickly drained and sent for an anonymous swap.
Historical Context and Previous Attacks
This latest attack is not an isolated incident. ZachXBT had previously tracked an earlier batch of 22 addresses, with losses exceeding $6.2 million. The ongoing threat posed by the LastPass data breach has been a persistent issue, with previous attacks in October 2023 draining $4.4 million from 25 wallets. Despite warnings and efforts to secure exposed wallets, the hackers have continued to exploit vulnerabilities.
Recommendations for Users
In light of these attacks, ZachXBT and other on-chain researchers have advised users to abandon any wallets potentially exposed to the LastPass breach. The only way to ensure the safety of funds is to move them to new addresses, as the compromised wallets are being actively monitored for incoming transactions. Users are urged to take immediate action to protect their assets from further attacks.
The $5.36 million wallet-draining attack uncovered by ZachXBT underscores the critical need for robust security measures in the cryptocurrency space. As the market continues to grow, the importance of safeguarding private keys and using secure storage solutions cannot be overstated.