LastPass Breach Connected to $5.4 Million Cryptocurrency Theft

Additionally, CoinLurker Malware Harvests Data via Deceptive Updates

This past week, Information Security Media Group reported several notable cybersecurity incidents within the digital asset space. These include a breach of LastPass leading to a $5.4 million theft in cryptocurrency, the emergence of CoinLurker malware utilizing fake updates for data exfiltration, a significant seizure of 27 million euros in cryptocurrency linked to organized crime, and nearly 800 arrests in a large-scale romance scam based in Nigeria.

LastPass Breach Linked to $5.4M Cryptocurrency Theft

Recent findings indicate that hackers involved in the 2022 LastPass breach have stolen $5.4 million in cryptocurrency. The theft targeted more than 40 wallet addresses, as reported by blockchain analyst ZachXBT. The attackers converted the stolen funds into Bitcoin after initially swapping them for Ethereum through instant exchanges. The incident continues a series of thefts tied to the breach, following earlier thefts of $4.4 million in October 2023 and $6.2 million in February.

Initially, the breach compromised sensitive customer data, including keys and API tokens, which allowed attackers to specifically target crypto wallets. In light of this, ZachXBT has advised all users who stored their keys with LastPass to transfer their assets immediately. In response, LastPass has stated to The Block that there is no definitive evidence directly associating these thefts with its breach.

CoinLurker Malware Steals Data via Fake Updates

CoinLurker malware, described by cybersecurity firm Morphisec, uses fake update notifications to deliver its malicious payload. The malware uses sophisticated evasion techniques such as EtherHiding and in-memory execution, making it particularly hard to detect. Victims are typically lured through phishing emails, fake software update messages, and malvertising.

Once the malware is downloaded, it operates through legitimate platforms, including Microsoft's WebView2, which triggers its operation upon user interaction. CoinLurker employs advanced strategies, such as using Binance Smart Contracts and Bitbucket repositories to deliver malicious content discreetly while remaining embedded within legitimate processes. Its primary targets are cryptocurrency wallets: it scans for sensitive information specific to Bitcoin, Ethereum, and other lesser-known cryptocurrencies.

Cryptocurrency Central to EUR 27 Million Seizure

In a collaborative operation involving law enforcement across multiple European nations and the United States, authorities have apprehended nine drug traffickers and seized cryptocurrency valued at 27 million euros. This operation dismantled an underground banking network that facilitated significant money laundering operations for drug trafficking and other serious crimes. The expertise and digital forensics provided by global stablecoin issuers and cryptocurrency asset providers proved crucial in tracing and securing these digital assets during the investigation.

In addition to the cryptocurrency, law enforcement officials also confiscated luxury items, gold, and cash, showcasing the extent of this organized crime operation.

Nearly 800 Arrested in Nigerian Crypto-Romance Scam

The Economic and Financial Crimes Commission in Nigeria has apprehended 792 individuals connected to a large crypto-romance scam. The raid, executed on December 10, targeted a fraudulent network operating out of a seven-storey facility in Lagos, as reported by Reuters. Among the suspects were 148 Chinese and 40 Filipino nationals who ran a call-center operation focused on scamming victims across North America and Europe.

The scammers utilized social media channels like WhatsApp and Instagram to forge fake romantic relationships or extend fictitious cryptocurrency investment opportunities. Initially, Nigerian accomplices gained victims’ trust through online interactions, while foreign orchestrators enacted the scams.

The commission has seized computers, mobile devices, and vehicles in the wake of the investigation and is actively collaborating with international partners to explore any links to organized crime.
