BTC $ 38,308.00 0.000000%
ETH $ 2,751.00 0.000000%
MARKET CAP $ 0%
ICOs 8,717

05/06/2023   Atomic Wallet hack losses top $35M, on-chain sleuth reports

Security teams are investigating the cause of the attack. Reports have surfaced of tokens being lost, transaction data being erased, and even entire crypto portfolios destroyed.

Atomic Wallet hack losses top $35M, on-chain sleuth reports

Join us on social networks

At least $35 million worth of crypto assets has beenstolenfrom Atomic Wallet users since June 2, according to an analysis from on-chain sleuth ZachXBT. The five largest losses account for $17 million.

Accordingto Atomic Wallet on Twitter, the cause of the attack is being investigated. Reports have surfaced of tokens being lost, transaction histories being erased, and even entire crypto portfolios being stolen.

An independent investigation carried out by pseudonymous Twitter ZachXBT, known for tracing crypto stolen funds and assisting hacked projects, has found the largest victim lost $7.95 million in Tether. “Think it could surpass $50m. Keep finding more and more victims, sadly,” commented ZachXBT.

467852d4-c3c3-4c41-aa1c-91f61086bbe4.pngScreenshot: ZachXBT's investigation into Atomic Wallet's hack. Source: ZachXBT on Twitter.

Atomic Wallet claims to have over 5 million users around the world. Cointelegraph spoke with a long-time Atomic client who is now a victim of the security breach. “I felt terrible because I am a cybersecurity expert by profession,” said Emre, a Turkish resident who lost nearly $1 million in crypto assets received from bug bounty programs. His stolen tokens include Bitcoin

“They say they’re looking into it, but they don’t have anything concrete yet,” Emre continued. The funds held at Atomic Wallet were destined for the establishment of a cybersecurity firm in Turkey.

Atomic is a noncustodial-decentralized wallet, meaning users are responsible for assets stored in the application. As usual, its Terms of Servicedo not acceptany liability for on-chain damages suffered by users. “Under no circumstances will Atomic Wallet be liable to you for damages arising out of the services exceeding $50,” says one excerpt.

Update: The investigation is still ongoing in a joint effort with the leading security companies. The team is working on possible attack vectors. Nothing yet confirmed.

Support team is collecting victim addresses. Reached out to major exchanges and blockchain analytics companies…

— Atomic - Crypto Wallet (@AtomicWallet)June 4, 2023

There has been little information provided by Atomic Wallet to users so far. “Support team is collecting victim addresses. Reached out to major exchanges and blockchain analytics companies to trace and block the stolen funds," Atomic’s team said in a tweet from June 4 — its second official communication.

Those contacting Atomic have beenaskedto answer over 20 questions about internet providers, use of virtual private networks (VPNs), and storage of seed phrases.

In Telegram's community channels, some pointed out the exploit could have originated via an outdated dependency package. Dependency packages describe the relationship between activities to be performed within a program, including the order in which they should be performed, and the libraries needed to perform these activities.

The attack joins a growing list of crypto hacks. Most recent cases includeJimbos Protocol $7.5 million exploitand a malicious proposal thattook over Tornado Cash's governancein May. A Chainalysis reportestimatesthat crypto hackers stole $3.8 billion last year, mostly through North Korean-linked attacks exploiting decentralized finance protocols.

Cointelegraph reached out to Atomic Wallet, but did not receive an immediate response.

https://cointelegraph.com/news/atomic-wallet-hack-losses-top-35