Ripple Co-founder’s $150M XRP Heist Related to LastPass Hack: ZachXBT

BTC $ 86,045.06 - 3.47 % ETH $ 2,146.75 - 1.54 % USDT $ 0.9999 - 0.03 % XRP $ 2.3317 - 7.65 % BNB $ 594.39 - 0.81 % SOL $ 137.80 - 3.55 % USDC $ 1.0001 - 0.01 % ADA $ 0.8057 - 7.83 % DOGE $ 0.1949 - 4.40 % TRX $ 0.2451 + 0.56 % WBTC $ 85,849.46 - 3.53 % LINK $ 15.35 - 9.39 % HBAR $ 0.2263 - 9.84 % LEO $ 9.8084 - 1.26 % XLM $ 0.2743 - 7.27 % SUI $ 2.5616 - 7.28 % AVAX $ 19.57 - 4.93 % LTC $ 104.58 + 0.14 % BCH $ 386.05 - 3.40 % SHIB $ 0.0₄1285 - 4.93 % Ad Sign Up News Back to menu News Prices Back to menu Prices Data Back to menu Data Trade Data Derivatives Order Book Data On-Chain Data API Research & Insights Data Catalogue AI & Machine Learning Indices Back to menu Indices Multi-Asset Indices Reference Rates Strategies and Services API Insights & Announcements Documentation & Governance Consensus Back to menu Consensus Sponsored Back to menu Sponsored Videos Back to menu Videos CoinDesk Daily Shorts Editor's Picks Podcasts Back to menu Podcasts CoinDesk Podcast Network Markets Daily Gen C Unchained with Laura Shin The Mining Pod Newsletters Back to menu Newsletters The Node Crypto Daybook Americas State of Crypto Crypto Long & Short Crypto for Advisors Research Back to menu Research Webinars & Events Back to menu Webinars & Events Consensus 2025 Policy & Regulation Conference Sponsored Back to menu Sponsored Thought Leadership Press Releases CoinW MEXC Phemex Advertise News Sections Back to menu News Sections Markets Finance Tech Policy Focus English Select Language English en Español es Filipino fil Français fr Italiano it Português pt-br Русский ru Українська uk News Prices Data Indices Consensus Sponsored Sign In Sign Up Tech Share Share this article Copy link X icon X (Twitter) LinkedIn Facebook Email Ripple Co-founder’s $150M XRP Heist Related to LastPass Hack: ZachXBT Larsen confirmed the incident in January, where he clarified the hack affected only his personal accounts, not Ripple’s corporate wallets. By Shaurya Malwa | Edited by Parikshit Mishra Updated Mar 8, 2025, 12:00 p.m. UTC Published Mar 8, 2025, 11:18 a.m. UTC What to know : A $150 million theft from Ripple co-founder Chris Larsen's wallet was traced back to a security lapse at password manager LastPass, according to a forfeiture complaint filed by U.S. law enforcement. The hackers accessed Larsen's private keys stored in LastPass, which had suffered a major breach in 2022, leading to the theft of encrypted customer password vaults and unencrypted metadata for an estimated 25 million users. The fallout from the LastPass hack continues, with crypto losses connected to the breach estimated to be at least $250 million as of May 2024. A $150 million theft targeting Ripple co-founder Chris Larsen has been traced back to a security lapse involving the password manager LastPass, according to a forfeiture complaint filed by U.S. law enforcement on March 6 flagged by blockchain sleuth ZachXBT. ZachXBT shared that the complaint detailed how Larsen’s private keys — or code to access one’s token holdings — were stored in LastPass, the widely used password manager that suffered a major breach in 2022. Story continues Don't miss another story. Subscribe to the The Protocol Newsletter today . See all newsletters Sign me up By signing up, you will receive emails about CoinDesk products and you agree to our terms of use and privacy policy . At the time, hackers stole source code and technical data by compromising a developer's account. By November of that year, they used this access to infiltrate a cloud storage system, stealing encrypted customer password vaults and unencrypted metadata for an estimated 25 million users. Although ‘vaults’ were encrypted, weak or reused master passwords could be brute-forced, exposing stored data. Hackers exploited this vulnerability, accessing Larsen’s keys and siphoning off the XRP, valued at $150 million at the time of the theft and over $600 million as of Saturday’s prices. “A forfeiture complaint filed yesterday by US law enforcement revealed the cause for the ~$150M (283M XRP) hack of Ripple co-founder, Chris Larsen's wallet in Jan 2024 was the result of storing private keys in LastPass (password manager which was hacked in 2022),” ZachXBT wrote on his Telegram channel. “Up to this point Chris Larsen had not publicly disclosed the cause of the theft,” he added. Larsen confirmed the incident in January, where he clarified the hack affected only his personal accounts, not Ripple’s corporate wallets. He is yet to publicly comment on the forfeiture notice. The fallout from the 2022 LastPass hack has been extensive and remain ongoing. In December, The Security Alliance (SEAL), a team of cybersecurity experts focused on the crypto market, estimated that crypto losses connected to the breach had touched at least $250 million as of May 2024. XRP crypto hack Shaurya Malwa Shaurya is the Co-Leader of the CoinDesk tokens and data team in Asia with a focus on crypto derivatives, DeFi, market microstructure, and protocol analysis. Shaurya holds over $1,000 in BTC, ETH, SOL, AVAX, SUSHI, CRV, NEAR, YFI, YFII, SHIB, DOGE, USDT, USDC, BNB, MANA, MLN, LINK, XMR, ALGO, VET, CAKE, AAVE, COMP, ROOK, TRX, SNX, RUNE, FTM, ZIL, KSM, ENJ, CKB, JOE, GHST, PERP, BTRFLY, OHM, BANANA, ROME, BURGER, SPIRIT, and ORCA. He provides over $1,000 to liquidity pools on Compound, Curve, SushiSwap, PancakeSwap, BurgerSwap, Orca, AnySwap, SpiritSwap, Rook Protocol, Yearn Finance, Synthetix, Harvest, Redacted Cartel, OlympusDAO, Rome, Trader Joe, and SUN. X icon About About Us Masthead Careers CoinDesk News Crypto API Documentation Contact Contact Us Accessibility Advertise Sitemap System Status DISCLOSURE & POLICES CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies . CoinDesk has adopted a set of principles aimed at ensuring the integrity, editorial independence and freedom from bias of its publications. CoinDesk is part of the Bullish group, which owns and invests in digital asset businesses and digital assets. CoinDesk employees, including journalists, may receive Bullish group equity-based compensation. Bullish was incubated by technology investor Block.one. Ethics Privacy Terms of Use Cookie Consent Do Not Sell My Info © 2025 CoinDesk, Inc. X icon