Atomic Wallet has suffered losses totaling at least $35 million in cryptocurrency assets since June 2, according to an analysis conducted by renowned on-chain sleuth ZachXBT.
Atomic Wallet boasts a user base of over 5 million individuals worldwide. The platform, which places the responsibility of asset storage on its users, is now facing intense scrutiny due to stolen tokens, erased transaction histories, and even entire crypto portfolios being pilfered.
Concerned by the scale of the attack, ZachXBT, a pseudonymous Twitter user renowned for tracking stolen crypto funds and assisting hacked projects, expects the total losses to surpass $50 million potentially. Despite Atomic Wallet’s claims to be investigating the incident, victims have expressed frustration over the lack of concrete information provided by the platform.
The breach has exposed the vulnerability of decentralized wallets, as users are left to grapple with the fallout of their stolen assets. Atomic Wallet’s Terms of Service explicitly state that the platform accepts no liability for on-chain damages its users suffer, limiting its responsibility to a maximum of $50.
Atomic Wallet’s team has been relatively tight-lipped about the incident, with only two official communications issued so far. In a recent tweet, the support team mentioned collecting victim addresses and contacting major exchanges and blockchain analytics companies to trace and block the stolen funds.
However, victims who have contacted Atomic Wallet have been bombarded with questions regarding their internet providers, use of virtual private networks (VPNs), and storage of seed phrases.
Speculation within Telegram’s community channels suggests that the exploit could have originated from an outdated dependency package, which outlines the relationship between program activities and the libraries required to execute them.
This hack joins a growing list of crypto breaches, including the $7.5 million exploit of Jimbos Protocol and a malicious proposal that seized control of Tornado Cash’s governance in May. According to a Chainalysis report, crypto hackers pilfered a staggering $3.8 billion in 2022, primarily through decentralized finance protocols targeted in North Korean-linked attacks.
Atomic Wallet engages in investigation amid mounting concerns
Following the revelation of the security breach and the subsequent loss of millions of dollars in users’ cryptocurrency, Atomic Wallet is under intense scrutiny. As concerns rise within the crypto community, the platform acknowledges the compromise and vows to investigate the apparent vulnerability that led to the massive hack.
The Atomic Wallet cryptocurrency wallet, with over 5 million downloads, was initially launched in 2017 as Atomic Swap by CEO Konstantin Gladych, who also serves as the CEO of Changelly.com. Despite its longevity, the platform’s security measures have been questioned. Least Authority, an auditing firm, raised red flags in February 2021, stating that Atomic Wallet is “insufficiently secure in protecting user assets and private data.”
Atomic Wallet, while unable to confirm the exact nature of the attacks at present, assures its users that it is working diligently with leading security companies to investigate the breach. The platform has also contacted analytics firms and exchanges for assistance in tracing the stolen funds.
Some victims on Twitter claim to have managed to move their funds to different wallets in time, avoiding any losses. However, many others lament the loss of their entire crypto holdings.
As the fallout from the hack unfolds, Atomic Wallet’s ERC-20 token AWC, which trades on decentralized exchanges such as Uniswap, has seen a significant decline. Currently down over 13% to $0.22 over the past 24 hours, according to CoinGecko, the token’s price represents a staggering 96% decline from its all-time high of $7.26 in May 2021.
The cryptocurrency industry has experienced an upswing in attacks compared to previous years. In the first fiscal quarter of 2023, research from Immunefi revealed that a total of $440 million was stolen across 73 incidents, with hacks accounting for 95% of the funds lost.
While recovering lost funds remains challenging, there is a glimmer of hope. ZachXBT, assisted by Jito Labs’ pseudonymous CEO Buffalo and an employee from an MEV infrastructure company, was able to help recover $1 million worth of funds. Buffalo, cautious about revealing their methodology publicly, believes their solution could potentially aid other victims.
The Atomic Wallet hack has undoubtedly rattled the crypto community and left victims reeling. As investigations progress, users anxiously await Atomic Wallet’s updates on their efforts to rectify the security breach and mitigate further losses.
