Cryptocurrency thefts linked to the 2022 LastPass breach have been traced through blockchain analysis, revealing a prolonged campaign of wallet draining and money laundering via Russian exchanges. The investigation highlights the involvement of Russian cybercriminal groups and the sophisticated use of privacy techniques like CoinJoin. #LastPassBreach #TRMLabs #RussianCybercrime #CoinJoin
Keypoints
- In 2022, LastPass experienced a breach that compromised source code and encrypted password vaults containing sensitive data.
- Cryptocurrency wallets stored within vaults were drained years later through a coordinated decryption and laundering campaign.
- TRM Labs traced the stolen funds' movement through privacy-enhanced transactions using Wasabi Wallet and CoinJoin techniques.
- Investigators linked the crypto thefts to Russian cybercriminal groups based on transaction patterns and wallet analysis.
- Over $28 million, plus additional funds, was stolen and laundered through Russian exchanges in a prolonged cybercrime operation.