At least $35 million worth of crypto assets has been stolen from Atomic Wallet users since June 2, according to an analysis from on-chain sleuth ZachXBT. The five largest losses account for $17 million.
According to Atomic Wallet on Twitter, the cause of the attack is being investigated. Reports have surfaced of tokens being lost, transaction histories being erased, and even entire crypto portfolios being stolen.
An independent investigation carried out by pseudonymous Twitter ZachXBT, known for tracing crypto stolen funds and assisting hacked projects, has found the largest victim lost $7.95 million in Tether (USDT). “Think it could surpass $50m. Keep finding more and more victims, sadly,” commented ZachXBT.
Atomic Wallet claims to have over 5 million users around the world. Cointelegraph spoke with a long-time Atomic client who is now a victim of the security breach. “I felt terrible because I am a cybersecurity expert by profession,” said Emre, a Turkish resident who lost nearly $1 million in crypto assets received from bug bounty programs. His stolen tokens include Bitcoin (BTC), Dogecoin (DOGE), Litecoin (LTC), Ether (ETH), USDT, USD Coin (USDC), BNB (BNB) and Polygon (MATIC).
“They say they’re looking into it, but they don’t have anything concrete yet,” Emre continued. The funds held at Atomic Wallet were destined for the establishment of a cybersecurity firm in Turkey.
Atomic is a noncustodial-decentralized wallet, meaning users are responsible for assets stored in the application. As usual, its Terms of Service do not accept any liability for on-chain damages suffered by users. “Under no circumstances will Atomic Wallet be liable to you for damages arising out of the services exceeding $50,” says one excerpt.
There has been little information provided by Atomic Wallet to users so far. “Support team is collecting victim addresses. Reached out to major exchanges and blockchain analytics companies to trace and block the stolen funds," Atomic’s team said in a tweet from June 4 — its second official communication.
Those contacting Atomic have been asked to answer over 20 questions about internet providers, use of virtual private networks (VPNs), and storage of seed phrases.
In Telegram's community channels, some pointed out the exploit could have originated via an outdated dependency package. Dependency packages describe the relationship between activities to be performed within a program, including the order in which they should be performed, and the libraries needed to perform these activities.
The attack joins a growing list of crypto hacks. Most recent cases include Jimbos Protocol $7.5 million exploit and a malicious proposal that took over Tornado Cash's governance in May. A Chainalysis report estimates that crypto hackers stole $3.8 billion last year, mostly through North Korean-linked attacks exploiting decentralized finance protocols.
Cointelegraph reached out to Atomic Wallet, but did not receive an immediate response.