Skip to content Skip to footer

Atomic Wallet still can’t explain what caused hack that led to $100M in losses

The company has released a full event statement assuring users that its security infrastructure has now been updated.

Non-custodial crypto wallet Atomic Wallet has finally released a detailed “event statement” relating to the June 3 hack that resulted in an estimated $100M in losses. The statement came 17 days after the attack, and it appears to raise more questions than answers. 

The statement claims that staff have been working tirelessly “without days off” to rectify the situation and prevent further attacks, but it still doesn’t know how the hack happened. 

“The team has researched various potential causes, the most probable of which are virus targeting on local users devices, infrastructure breach, malware code injection, or a man-in-the-middle attack,” it stated. “At the moment, none of the possible issues are confirmed as potentially causing massive breaches, as such types of attacks are very hard to recognise.” 

An investigation conducted by blockchain intelligence firm Elliptic however revealed that the hack is very likely linked to North Korea’s Lazarus Group, a notorious group of “state-sponsored” hackers. Atomic Wallet doesn’t address this claim in its statement. 

Read more: Atomic Wallet was likely breached by North Korean hackers

The company stated that “less than 0.1%” of wallets have been affected (approximately 5000), but no new cases have been reported since June 3. 

Atomic Wallet is now working to “seize” and “distribute” frozen funds to affected users.

Immediately after the hack took place, Atomic Wallet teamed up with Chainalysis and Crystal to monitor transactions and engage with exchanges and authorities. Most stolen funds remain traceable.

When it comes to addressing the next steps, Atomic Wallet stated they are “working on a legal framework for seizing frozen deposits and distributing them among affected users.”

It has also taken measures to update its security infrastructure as the investigation continues. 

Victims of the hack aren’t satisfied with the explanation.

One Twitter user questioned why a security update was needed in the first place. 

In February 2022, a security audit conducted by Least Authority warned that Atomic Wallet may be at risk of a security breach. “We strongly recommend that the Atomic Wallet team immediately notify users of the existing security vulnerabilities,” a blog post read. 

“In addition, until the issues and suggestions outlined in the report have been sufficiently remediated and the Atomic Wallet has undergone subsequent security audits, we strongly recommend against the Atomic Wallet’s deployment and use.”

In response, Atomic’s CEO Konstantin Gladych announced that recommended changes would be implemented in late 2022. 

Another exasperated victim of the June 3 hack responded to the statement stating, “You keep repeating that only one percent of users are affected! Well, I am among that one percent! Why should I lose my property? Who is responsible for this security mistake??”.

Some users reported having their entire portfolios drained, while others lost specific altcoins such as XRP and ADA. The largest single victim is believed to have lost $7.95 million in USDT on the Tron network. 

Disclaimer: CryptoPlug does not recommend that any cryptocurrency should be bought, sold, or held by you. Do conduct your own due diligence and consult your financial advisor before making any investment decisions.

Leave a comment

Go to Top