The cause of the attack is currently under investigation by security teams. Emerging reports indicate instances of lost tokens, erased transaction data, and even complete destruction of crypto portfolios.
Based on an analysis conducted by on-chain investigator ZachXBT, users of Atomic Wallet have experienced a theft of cryptocurrency assets amounting to a minimum of $35 million since June 2. The analysis further reveals that the five most significant losses contribute to a sum of $17 million.
The cause of the attack is currently under investigation, as stated by Atomic Wallet on their official Twitter account. Several reports have emerged, highlighting instances of lost tokens, erased transaction histories, and even complete theft of entire cryptocurrency portfolios.
An independent investigation conducted by the pseudonymous Twitter user ZachXBT, renowned for tracing stolen crypto funds and assisting hacked projects, has uncovered the largest victim who suffered a loss of $7.95 million in Tether. In a comment, ZachXBT expressed concern that the total losses could potentially exceed $50 million, as more victims continue to be discovered.
With a reported user base of more than 5 million globally, Atomic Wallet has been affected by a security breach, as confirmed by a conversation between Cointelegraph and a former loyal Atomic client who has now become a victim. Emre, a resident of Turkey and a cybersecurity expert by profession, expressed deep regret over the incident. He disclosed a loss of nearly $1 million in cryptocurrency assets, which he had received as rewards from bug bounty programs. The stolen tokens encompass a range of popular cryptocurrencies, including Bitcoin, Dogecoin, Litecoin, Ether, USDT, USD Coin, BNB, and Polygon.
According to Emre, Atomic Wallet is currently in the process of investigating the incident, but they have yet to provide any definitive updates or findings. The funds that were stored in Atomic Wallet were originally intended to be used for the creation of a cybersecurity company based in Turkey.
Atomic Wallet operates as a noncustodial and decentralized wallet, placing the responsibility of asset storage on its users. As per the usual practice, the Terms of Service of Atomic Wallet explicitly state that they do not accept liability for any on-chain damages experienced by users. A specific excerpt in the Terms of Service states, "Atomic Wallet shall not be held liable for damages arising from the services, and the maximum liability shall not exceed $50."
Atomic Wallet has been relatively limited in its provision of information to users thus far. In their second official communication, issued via a tweet on June 4, the Atomic Wallet team stated that their support team is actively gathering victim addresses and has initiated contact with major exchanges and blockchain analytics companies. The objective is to trace and block the stolen funds in an effort to mitigate the impact of the security breach.
Users reaching out to Atomic Wallet for assistance have been requested to provide responses to a comprehensive questionnaire consisting of more than 20 inquiries. The questions cover a range of topics such as internet service providers, the utilization of virtual private networks (VPNs), and the storage methods employed for seed phrases.
Within Telegram's community channels, several individuals have raised the possibility that the exploit may have originated from an outdated dependency package. Dependency packages play a crucial role in defining the interactions and sequence of activities within a program, as well as identifying the necessary libraries required to execute these activities.
The recent attack on Atomic Wallet adds to the increasing number of crypto hacks in recent times. Notable incidents include the $7.5 million exploit on Jimbos Protocol and the malicious proposal that compromised Tornado Cash's governance in May. According to a report by Chainalysis, it is estimated that crypto hackers pilfered approximately $3.8 billion in the previous year, with a significant portion attributed to North Korean-linked attacks that exploited decentralized finance protocols.
