ChainCatcher news, on-chain detective ZachXBT posted that the password manager LastPass was hacked in 2022, resulting in the theft of nine-figure cryptocurrency. The team has long been covering up the extent of the attack and has gaslighted many confirmed victims. Yesterday, in a forfeiture complaint, even law enforcement publicly agreed that LastPass may be liable for the stolen cryptocurrency.

ChainCatcher news, according to on-chain detective ZachXBT, a forfeiture lawsuit document submitted by U.S. law enforcement yesterday revealed the reason behind Ripple co-founder Chris Larsen's approximately $150 million (283 million XRP) theft incident in January 2024. The incident stemmed from Larsen storing his private key in the LastPass password manager, which suffered a data breach in 2022.The document shows that after the victim entered the cryptocurrency wallet private key into the online password manager, the physical record of the private key would be immediately destroyed. The password manager experienced two major data breaches in August and November 2022, during which attackers stole encrypted passwords and vault data. An FBI investigation found that this stolen data was used to illegally access the electronic accounts of multiple victims, stealing information, cryptocurrency, and other data.

ChainCatcher message, Slow Mist's Chief Information Security Officer 23pds posted on platform X, stating that the open-source password manager KeePass has ads for phishing official websites appearing in Google searches. Once users enter the "fake official website," they will download trojan software. Cryptocurrency users are advised to stay alert to security risks, and Google has begun addressing this issue after receiving complaints.