Ripple founder Chris Larsen fell victim to a huge crypto heist, with hackers stealing $150 million worth of XRP in January 2024. According to blockchain investor Zachxbt, the hack resulted from Larsen storing his private key in LastPass, a password vault, which hackers breached in 2022. This news, which U.S. officials shared today, suggests ongoing hazards from prior security lapses.
$150 Million XRP Heist
LastPass, a popular password storage provider, had a major data breach in 2022 that disclosed encrypted customer data. Later, the incident resulted in the theft of 213 million XRP tokens valued at $112 million from Ripple co-founder Chris Larsen’s wallet. The hackers utilized Larsen’s private keys stored in LastPass to break into his accounts without permission.
Following the theft, the attackers quickly transferred the stolen funds. Various crypto exchanges like Binance, Kraken, and OKX are used to launder funds. However, Binance was able to freeze $4.2 million in XRP, although a lot had already been traded for other tokens.
Larsen says that the attack is primarily on his individual accounts and not Ripple’s corporate accounts. The recent U.S. law enforcement forfeiture complaint shed light on the connection between the high-level crypto theft and the LastPass hack.
LastPass Breach Aftermath
The hack has persisted, plaguing users with continued decryption efforts that enable further crypto thefts. Security expert Brian Krebs reports that more than $35 million was stolen from over 150 victims following the 2022 hack.
ZachXBT has tracked a series of waves of attacks, with a $5.36 million theft in December 2024. He said in a post on December 17 in his Telegram channel:
“Today an estimated $5.36M was drained by the LastPass threat actor from 40+ victim addresses. Stolen funds were swapped for ETH and transferred to various instant exchanges from Ethereum to Bitcoin.”
These repeated assaults highlight the hack’s long-term impact. The recurring menace has prompted experts to urgently advise transferring crypto assets for anyone who stored seed words or keys in LastPass, citing the urgent need for increased security in the crypto space.
Moreover, the U.S. law enforcement’s document release coincides with Trump’s inaugural White House Crypto Summit on March 7, 2025. This makes some people think the timing is connected to today’s U.S. National Stockpile announcement. Twitter user modernalkemist says:
READ MORE: Pepe Hits Rock Bottom: Can It Bounce Back from Yearly Lows?
