undefined | Better HN

0 pointsMBCook3y ago0 comments

But if you had a ton of credentials from people, scanning for crypto credentials and trying to use those may be easier/faster/safer to turn into money than system credentials to some random company network.

0 comments

phphphphp3y ago

If the hack of LastPass happened yesterday, sure, but it happened months ago. There are a variety of different attacks that could be executed in that time, and the sooner the attacks are executed, the better — because less time for credentials to be rotated.

I find it implausible that the first hint of vault compromise comes 4 months after the hack and is against a low value cryptocurrency wallet. Especially considering that when LastPass first had issues, there were dozens of people reporting personal experiences of it here on HN — if LastPass vaults are compromised, the internet would be flooded with reports.

JimDabell3y ago

I largely agree with you, however it may also be the case that the attackers have been working on cracking vaults quietly since the hack and the announcement made them go after everything they had cracked so far instead of continuing to work quietly. They might have decided the crackable vaults don’t rotate credentials within them often, but it becomes much more likely after the announcement.

berniedurfee3y ago

Wasn’t there also source code stolen?

The time might have been spent analyzing the source code for vulnerabilities in the way the vaults were being protected.

MBCookOP3y ago

Oh I didn’t realize the compromise was months ago. I thought it was recent.

Good points.

smeej3y ago

They weren't really credentials, but keys. Pop those into any compatible wallet and you control the money now.

If someone had put the key in the URL field (because there is no corresponding URL because it's not a credential), and the URL field was unencrypted, that could account for it.

isthisthingon993y ago

I suspect people use secure notes to store crypto keys.

smeej3y ago

You would hope, but I've been working in customer/technical support in the crypto industry since early 2017. People are not remotely as careful as you would expect (and hope for) them to be.

paulpauper3y ago

yes, this. crypto is the fastest to convert to cash

j / k navigate · click thread line to collapse

0 comments

phphphphp3y ago

JimDabell3y ago

berniedurfee3y ago

Wasn’t there also source code stolen?

The time might have been spent analyzing the source code for vulnerabilities in the way the vaults were being protected.

MBCookOP3y ago

Oh I didn’t realize the compromise was months ago. I thought it was recent.

Good points.

smeej3y ago

They weren't really credentials, but keys. Pop those into any compatible wallet and you control the money now.

If someone had put the key in the URL field (because there is no corresponding URL because it's not a credential), and the URL field was unencrypted, that could account for it.

isthisthingon993y ago

I suspect people use secure notes to store crypto keys.

smeej3y ago

You would hope, but I've been working in customer/technical support in the crypto industry since early 2017. People are not remotely as careful as you would expect (and hope for) them to be.

paulpauper3y ago

yes, this. crypto is the fastest to convert to cash

j / k navigate · click thread line to collapse