tl;dr
ZachXBT revealed that Ripple Co-founder Chris Larsen lost $150 million worth of XRP in January due to storing private keys in LastPass, which was hacked in 2022. The theft was discovered through a US law enforcement filing. ZachXBT, known for investigating crypto crimes, uncovered the hack and attri...
Ripple Co-founder Chris Larsen lost $150 million of XRP in January due to storing private keys in LastPass, which was hacked in 2022. ZachXBT uncovered the XRP hack and revealed that Chris Larsen stored his private wallet keys on the breached password management software LastPass. The theft was discovered through a US law enforcement filing. ZachXBT, known for investigating crypto crimes, attributed the loss to Larsen storing his private wallet keys on LastPass. The revelation caused Ripple's XRP token price to drop by 7%, and Larsen and LastPass have yet to respond to the investigation.
ZachXBT revealed that Ripple Co-founder Chris Larsen lost $150 million worth of XRP in January due to storing private keys in LastPass, which was hacked in 2022. The theft was discovered through a US law enforcement filing. ZachXBT, one of the most famous sleuths in the crypto industry investigates several types of crimes. He pursues major criminals like the Lazarus Group and helps victims recover funds, but he can also reveal uncomfortable truths about projects. Last month, ZachXBT got most of OpSec’s staff to resign after an investigation, and today, he turned his attention to Ripple.
“A forfeiture complaint filed yesterday by US law enforcement revealed the cause for the ~$150 million hack of Ripple co-founder Chris Larsen’s wallet in January 2024 was the result of storing private keys in LastPass (password manager which was hacked in 2022.) Up to this point Chris Larsen had not publicly disclosed the cause of the theft,” he said on Telegram.
This particular hack targeted Larsen’s private XRP wallet. It appears that the Ripple co-founder stored his private wallet keys on the password management software LastPass. However, LastPass was breached in 2022, and Larsen’s wallet details, along with hundreds of users, were exposed. At that time, it was estimated that around $35 million in crypto was stolen from 150 victims. After today’s discovery, the amount was apparently much larger.
Naturally, the price of Ripple’s XRP token did not respond well to ZachXBT’s allegations. Its price has already been somewhat erratic, dropping 20% after Trump’s Crypto Reserve announcement. Earlier this morning, XRP was cautiously anticipating a price rebound, but it fell more than 7% after the Telegram post. This might be largely due to the market’s underlying macroeconomic conditions.
Ripple CEO Chris Larsen hasn’t directly responded to the investigation, and ZachXBT has yet to make any further statements. Larsen’s social media account hasn’t been active since October 2024, when he was posting election-related content. Meanwhile, LastPass is still actively advertising its services on social media, and ZachXBT called the firm out with harsh invective.
“Has your team forgotten LastPass was breached in 2022 which has led to 9 figures in crypto thefts? Let’s not forget your team has long covered up the extent of the attack and gaslit many confirmed victims. Now… even law enforcement publicly agrees you are likely to blame. Not a single person should use LastPass if they want a secure password manager,” he said.