A $150 million heist from Ripple co-founder Chris Larsen’s digital wallet has been traced back to a security lapse at LastPass, as detailed in a forfeiture complaint submitted by U.S. authorities on March 6th.
The complaint, brought to light by blockchain analyst ZachXBT, outlines how cybercriminals gained access to Larsen’s private keys stored in LastPass, a password management tool that suffered a substantial breach in 2022.
During the LastPass breach, cyber attackers infiltrated a developer’s account, facilitating the theft of source code and technical information. By November of that year, they had breached a cloud storage system, acquiring encrypted customer password vaults and unencrypted metadata impacting roughly 25 million users. While the vaults were secured with encryption, weak or reused master passwords could be manipulated, granting unauthorized access to confidential information.
- Nigeria Moves to Protect Citizens Amid South Africa Unrest
The Federal Government has approved evacuation flights for Nigerians affected by xenophobic unrest in South Africa, providing support and safe return options for impacted citizens. - Nigeria’s Latest Telecom Decision Is Making Waves Across Africa
Nigeria’s approval of nine airtime-credit providers could transform digital lending and telecom-based financial services across Africa, creating new opportunities for consumers and businesses. - Nigeria’s Oil Industry Set for Major Boost as Regulators Partner to Cut Costs and Improve Safety
Nigeria’s oil sector could see increased investment and efficiency as regulators collaborate to reduce production costs and strengthen safety standards across the industry. - Nigerian Military Issues New School Safety Guidelines Amid Rising Kidnapping Concerns
The Nigerian military has released new school safety guidelines aimed at protecting students and staff from kidnapping threats. Learn what the measures mean for schools and communities. - More Than 1,000 Nigerians Register For Voluntary Repatriation From South Africa
More than 1,000 Nigerians have applied for voluntary repatriation from South Africa following recent xenophobic attacks. Here’s what the development means for both countries.
These vulnerabilities were exploited, resulting in the theft of Larsen’s private keys and the subsequent theft of XRP worth $150 million at the time of the event, which has since soared past $600 million at current market values. ZachXBT pointed out that prior to this complaint, Larsen had not publicly revealed the details of the theft.
In January, Larsen acknowledged the incident, clarifying that the hack was confined to his personal accounts and did not affect Ripple’s corporate wallets. He has yet to provide any comments regarding the forfeiture notice.