The Ripple co-founder Chris Larsen has become the victim of a staggering $150 million theft, a crime connected to a security vulnerability involving the popular password manager, LastPass. This alarming revelation was brought to light by blockchain investigator ZachXBT, who shared insights from a forfeiture complaint filed by U.S. law enforcement on March 6.
The Security Flaw Behind the Heist
According to the details shared by ZachXBT, the forfeiture complaint outlines how Larsen’s private keys—essentially the digital codes required to access cryptocurrency holdings—were stored in LastPass. This widely used password management service experienced a significant breach in 2022, which laid the groundwork for this massive theft.
LastPass fell victim to hackers who compromised a developer’s account, allowing them to steal source code and technical information. By November 2022, the attackers had further infiltrated a cloud storage system, leading to the theft of encrypted customer password vaults and unencrypted metadata affecting approximately 25 million users.
Exploiting Weak Security Measures
Although LastPass encrypted its vaults, the security of these vaults could be compromised by weak or reused master passwords, making them susceptible to brute-force attacks. Unfortunately, the hackers capitalized on this vulnerability, gaining access to Larsen’s private keys and draining his XRP holdings, which were valued at $150 million at the time of the theft and have since exceeded $600 million as of recent market prices.
ZachXBT noted on his Telegram channel, “A forfeiture complaint filed yesterday by US law enforcement revealed the cause for the ~$150M (283M XRP) hack of Ripple co-founder, Chris Larsen’s wallet in Jan 2024 was the result of storing private keys in LastPass.” He also mentioned that until this disclosure, Larsen had not publicly revealed the reason behind the breach.
Larsen’s Response to the Incident
In January, Chris Larsen confirmed the hacking incident, emphasizing that it affected only his personal accounts and did not compromise Ripple’s corporate wallets. However, he has yet to provide a public response to the forfeiture notice that has emerged from this investigation.
The Ongoing Fallout from the LastPass Breach
The repercussions of the 2022 LastPass hack continue to unfold. A report from The Security Alliance (SEAL), a group of cybersecurity experts focused on the cryptocurrency sector, revealed in December that losses related to the breach had reached at least $250 million as of May 2024. This incident serves as a stark reminder of the vulnerabilities inherent in widely used digital security solutions and the importance of robust security practices for cryptocurrency holders.
In conclusion, the connection between Larsen’s $150 million XRP theft and the LastPass hack underscores the critical need for enhanced security measures in the digital age. As more individuals and organizations engage with cryptocurrencies, understanding and mitigating security risks will be paramount to safeguarding digital assets.
