- LastPass vaults stolen in the 2022 breach are still being cracked, enabling crypto theft years later
- TRM Labs reports that approximately $35 million was stolen, with funds laundered through mixing services
- Previous findings from MetaMask suggest that true losses could approach $100 million, as seed phrases remain prime targets.
The LastPass data breach, which occurred over three years ago, is still enabling cryptocurrency theft. Cybercriminals have stolen around $35 million to date by breaking into stolen LastPass vaults, according to researchers.
In August 2022, LastPass (which was considered one of the best password managers at the time) suffered a data breach that allowed attackers to make off with users’ password vaults.
These are essentially encrypted containers where users store their passwords and other secrets, protected by a master password. Without the master password, it is impossible to decrypt the vault and access its contents.
Stealing seed phrases
This doesn’t mean attackers can’t attempt to brute force their way in, using specialized hardware and software. If the master password is relatively weak (a simple combination, for example), they may be able to crack it: “Depending on the length and complexity of your master password and the number of iterations setting, you may want to reset your master password,” LastPass warned at the time of the breach.
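The interaction LastPass describes between master password strength and the iterations setting can be made concrete with a short estimator. This is an added example, not code from LastPass or TRM Labs; it assumes PBKDF2-HMAC-SHA256 as the key derivation function, and the attacker rate and iteration counts are constructed sample values.

```python
import hashlib
import math

SECONDS_PER_YEAR = 365.25 * 24 * 3600

def derive_key(master_password: str, salt: bytes, iterations: int) -> bytes:
    """Stretch the master password into a 256-bit vault key.
    Assumption: PBKDF2-HMAC-SHA256; the article only mentions an 'iterations setting'."""
    return hashlib.pbkdf2_hmac("sha256", master_password.encode("utf-8"),
                               salt, iterations, dklen=32)

def keyspace_bits(length: int, alphabet_size: int) -> float:
    """Upper bound on entropy: a uniformly random password of this shape.
    Human-chosen passwords carry far less."""
    return length * math.log2(alphabet_size)

def years_to_exhaust(bits: float, iterations: int, attacker_rounds_per_sec: float) -> float:
    """Offline worst case: every guess costs `iterations` PBKDF2 rounds."""
    guesses_per_sec = attacker_rounds_per_sec / iterations
    return (2.0 ** bits) / guesses_per_sec / SECONDS_PER_YEAR

def secrets_at_risk(bits: float, iterations: int, attacker_rounds_per_sec: float,
                    horizon_years: float = 10.0) -> bool:
    """True if the average case (half the keyspace) falls inside the period
    during which the vault's contents, such as a seed phrase, still matter.
    A stolen copy keeps its old password and iteration count forever, so the
    remedy is to replace the secrets that were inside it."""
    average_years = years_to_exhaust(bits, iterations, attacker_rounds_per_sec) / 2
    return average_years < horizon_years

if __name__ == "__main__":
    ATTACKER_RATE = 1e10  # constructed assumption: PBKDF2 rounds per second
    shapes = {            # constructed sample password shapes
        "8 lowercase letters": (8, 26),
        "12 mixed alphanumerics": (12, 62),
        "16 printable ASCII": (16, 94),
    }
    for name, (length, alphabet) in shapes.items():
        bits = keyspace_bits(length, alphabet)
        for iterations in (5_000, 600_000):  # constructed sample settings
            years = years_to_exhaust(bits, iterations, ATTACKER_RATE)
            flag = secrets_at_risk(bits, iterations, ATTACKER_RATE)
            print(f"{name:24} {iterations:>7} iters  {bits:6.1f} bits  "
                  f"{years:10.3g} years  at risk: {flag}")
```

Raising the iteration count only multiplies the cost linearly, while each added character multiplies it by the alphabet size, which is why a weak master password stays exposed even at a high iteration setting.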
Blockchain analytics firm TRM Labs has released a new report, claiming that cybercriminals have managed to break into many of these vaults containing seed phrases – strings of 12 or 24 words that allow users to load a cryptocurrency wallet into a new account and access all the funds within it.
“The link in the report is not based on direct attribution to individual LastPass accounts, but on a correlation between down-chain activity and the known impact pattern of the 2022 breach,” TRM told BleepingComputer. “This created a scenario in which wallet leaks would occur well after the initial breach, rather than immediately, and in distinct waves.”
TRM Labs also said that scammers have been stealing all kinds of cryptocurrencies, converting them to Bitcoin, and then trying to cover their tracks using mixing services (essentially crypto laundering tools). Researchers concluded that more than $28 million was stolen and laundered in this way in late 2024 and early 2025, and that an additional $7 million was linked to the September 2025 attacks.
A separate report, published by wallet maker MetaMask in September 2023, also states that scammers stole $35 million this way, which could mean the real figure is now closer to $100 million.
TRM claims that most of the funds were collected through Russian exchanges.
Via BleepingComputer