Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Bitcoin Discussion
Re: LastPass hack - move your crypto assets to a more secure place right now!
by
Bananington
on 31/10/2023, 22:55:35 UTC
Quote from: Stalker22 on Today at 09:55:06 PM
Quote from: coolcoinz on Today at 05:12:06 PM
Quote from: Kryptowerk on Today at 01:15:42 AM
This is sad but whoever stores their crypto backups / seeds / passwords to wallets etc in an ONLINE password manage totally misunderstood tthe self-custody aspect of crypto / Bitcoin.
I still believe password managers do have some value - for throwaway logins or stuff that is just very convenient to access via some basic account. Anythign related to your identity or any real value does not belong there however.

Also, I do believe there are hardware solutions - didn't Trezor have a built-in password manager? Not sure if they continued this service, though

I believe that not all of these people had their seeds in LastPass. Some of them might have their exchange and email logins and passwords. This allowed the attackers to access their exchange accounts and withdraw money.
Currently people are holding cryptocurrencies on lending and staking platforms as well and it's enough to have access to email account to reset password on these sites and withdraw funds, since the confirmation often comes to that same email.

Also, don't underestimate people. They still fall victim to emails sent by Nigerian princes and send money to new investment platforms promoted by Elon Musk and Jeff Bezos Wink

That is my thinking too. It has been over a year since the LastPass hack happened.  There is no telling what kind of data the hackers got their hands on in that time and  id bet the farm that the database has spread all over the dark web at this point, with hundreds or maybe thousands of shady characters trying to crack it and to get into those accounts.  

I bet most LastPass users probably didnt even know their info was stored in the cloud.  Your average LastPass user likely isnt tech savvy.  They installed the extension without thinking twice about where their data would go. The browser extension works in the background - and not much different than the built-in password manager.  And let us not forget that LastPass was supposed to be mega secure too.  Tons of pros said it was top of the line.  Whether thats true or not, LastPass was definitely the popular choice for managing passwords.  

This makes me fear for those of us who store our passwords on browsing apps. This will definitely be a motivation to those who still retained their conservative lifestyle of journaling.
Anyway, anyone who doesn't notice their BTC or Crypto assets stolen from this LastPass hack, doesn't really really care about their asset. This is also a why, why notifications and authentication apps be used so as to assure safety of any crypto based asset of such.