Crypto Heist: How a 2022 Hack Kept Stealing for Years

In 2022, a big hack hit LastPass, a company that stores passwords. Thieves got away with encrypted backups of people's password vaults. These vaults had important info like crypto keys and seed phrases. The hackers had a field day. They used weak master passwords to crack open the vaults and steal crypto. This theft didn't stop in 2022. It kept happening until late 2025. TRM Labs, a blockchain sleuth, found out about this. They said Russian cybercriminals were behind the theft. These criminals used Russian exchanges to launder the stolen crypto. One exchange even got a fine from the U. S. government for taking dirty money.LastPass got in trouble too. They had to pay a big fine. The U. K. said they didn't do enough to stop the hack. LastPass also warned people that hackers might try to guess their master passwords. TRM Labs found out that's exactly what happened. The hackers used special tools to hide their tracks. But TRM Labs could still follow the money. They found out that over $35 million was stolen. Most of it was turned into Bitcoin and laundered. The rest was stolen in a later wave. This whole thing shows how one hack can lead to years of theft. Even when hackers try to hide, experts can still find them. It also shows why strong passwords are important. A weak password can lead to big trouble.