-640x358.jpg&w=1200&q=75)
Russian cybercriminal networks have been linked to the laundering of more than $35 million in cryptocurrency stolen from users of password manager LastPass, according to TRM Labs.
The investigation traced the stolen assets back to the major LastPass data breach disclosed in 2022.
TRM Labs said the theft represented a prolonged and coordinated drain of compromised crypto wallets rather than a single incident.
Analysts found that funds continued to be siphoned from affected vaults as recently as late 2025.
The report concluded that the stolen cryptocurrency was routed through illicit financial infrastructure connected to Russia’s cybercrime ecosystem.
Attackers attempted to obscure transaction trails by using privacy-focused protocols and obfuscation tools.
Despite these efforts, investigators were able to track the funds as they moved to exchanges and services linked to Russia.
TRM Labs identified a consistent on-chain behavioural signature tying the thefts to a single coordinated group.
The hackers regularly converted non-Bitcoin assets into Bitcoin using instant swap services.
The Bitcoin was then routed through mixing services designed to conceal transaction histories.