
Russian Cybercrime Networks Tied to $35 Million LastPass Crypto Laundering

Russian cybercriminals are likely responsible for laundering more than $35 million in cryptocurrency stolen from LastPass customers, according to a report by blockchain intelligence firm TRM Labs.

The analysis linked the multi-year drain of crypto wallets to the 2022 breach of the password manager LastPass. It noted that the stolen funds moved through illicit financial infrastructure tied to Russia's cybercriminal underground.

How Russian Cybercriminals Laundered the Stolen Funds

TRM Labs researchers found that the attackers used privacy protocols to obscure the money trail, but ultimately routed the funds to Russia-based platforms.

According to the report, the perpetrators have continued to siphon assets from compromised vaults as recently as late 2025.

The malicious actors systematically laundered the stolen funds through off-ramps that Russian threat actors have historically used. One of these venues was Cryptex, an exchange currently sanctioned by the US Office of Foreign Assets Control (OFAC).

TRM Labs said it identified a “constant on-chain signature” tying the thefts to a single, coordinated group.

The attackers repeatedly converted non-Bitcoin assets into Bitcoin using instant swap services. The funds were then moved to mixing services such as Wasabi Wallet and CoinJoin.

These tools are designed to pool funds from multiple users to scramble transaction histories, theoretically making them untraceable.

However, the report highlights a significant failure in these privacy technologies. Analysts were able to “de-mix” the transactions using behavioral continuity analysis.

Investigators tracked specific digital footprints, such as how wallet software imported private keys, and successfully unwound the mixing process. This allowed them to follow the digital currency through the privacy protocols and observe its final deposit into Russian exchanges.

In addition to Cryptex, investigators traced roughly $7 million in stolen funds to Audi6, another exchange service operating within the Russian cybercriminal ecosystem.

Russia Crypto Platforms’ Role in LastPass Fund Laundering. Source: TRM Labs

The report notes that the wallets interacting with the mixers showed “operational ties” to Russia both before and after the laundering process. This suggests the hackers were not merely renting infrastructure but operating directly from the region.

The findings underscore Russian crypto platforms’ role in enabling international cybercrime.

By providing liquidity and off-ramps for stolen digital assets, these exchanges allow criminal groups to monetize data breaches while evading international law enforcement.

The post Russian Cybercrime Networks Tied to $35 Million LastPass Crypto Laundering appeared first on BeInCrypto.
