In a major security breach, Atomic Wallet, a noncustodial-decentralized wallet provider, has reported the theft of at least $35 million worth of crypto assets from its users since June 2.
The attack, which has sent shockwaves through the crypto community, has seen the five largest losses amounting to $17 million. Atomic Wallet, with over 5 million users globally, is now scrambling to investigate the cause of the attack and assist affected customers.
Renowned on-chain sleuth ZachXBT, known for tracing stolen crypto funds and aiding hacked projects, has investigated the incident independently. According to ZachXBT’s findings, the largest victim has lost $7.95 million in Tether (USDT), but the total amount stolen could potentially exceed $50 million. More victims continue to emerge as the scope of the breach becomes apparent, leaving many users devastated by the loss of their digital assets.
Among those affected is Emre, a Turkish resident and cybersecurity expert who lost nearly $1 million in various cryptocurrencies, including Bitcoin (BTC), Dogecoin (DOGE), Litecoin (LTC), Ethereum (ETH), USDT, USD Coin (USDC), Binance Coin (BNB), and Polygon (MATIC).
Emre had entrusted these funds to Atomic Wallet as part of his plans to establish a cybersecurity firm in Turkey. Atomic Wallet has acknowledged the severity of the situation but has yet to provide concrete information to its users.
Atomic Wallet’s Terms of Service, like many noncustodial wallets, absolve the company of any liability for on-chain damages experienced by users. With little information forthcoming from Atomic Wallet, affected users are left to grapple with the breach’s aftermath. The support team at Atomic Wallet has been collecting victim addresses and reaching out to major exchanges and blockchain analytics companies to trace and block the stolen funds.
Concerns have been raised in Telegram’s community channels that the exploit may have originated from an outdated dependency package. Dependency packages outline the sequence of activities within a program and the required libraries to execute those activities.
This incident adds to the growing list of crypto hacks, which have become a cause for alarm within the industry. Recent cases include the $7.5 million exploit targeting Jimbos Protocol and the malicious proposal that seized control of Tornado Cash’s governance in May.
According to a report by Chainalysis, crypto hackers siphoned off approximately $3.8 billion in stolen funds last year, with a significant portion stemming from North Korean-linked attacks exploiting decentralized finance protocols.
As the investigation into the Atomic Wallet breach intensifies, affected users await more substantial information and support from the company. The incident is a stark reminder of the importance of robust security measures and heightened vigilance in the crypto space, where the constant threat of cyberattacks persists.
