The ‘Craziest’ Heist: North Korean Lazarus Hacking Group Drains $35 Million from Atomic Wallet Users

Regulators or authorities have taken action to block a portion of the funds, restricting their transfer on exchanges.

Atomic Wallet was hailed as one of the most secure non-custodial wallets in the crypto world, and it always boasted of its ‘state-of-the-art’ security systems and its commitment to user privacy. But the catastrophic heist of more than $35 million from Atomic Wallet, allegedly carried out by North Korea’s infamous hacking group Lazarus, has completely shattered those claims and exposed the danger of non-custodial wallets.

Elliptic Identifies Connections to Lazarus Group: Previous Hacks and Money Laundering Involved

Atomic Wallet, a recent player in the crypto wallet space, had become a popular alternative to the more established heavyweights due to its non-custodial approach. However, early on Saturday morning, the team behind Atomic confirmed that around 7% of their monthly active users had their funds compromised. The stolen funds include bitcoin (BTC), ether (ETH), tether (USDT), dogecoin (DOGE), litecoin (LTC), BNB coin (BNB), polygon (MATIC), and Tron-based USDT.

In a blog post, blockchain intelligence firm Elliptic reveals that the individuals who executed the theft channeled the stolen cryptocurrency to a mixer called Sindbad.io. According to the post, Sindbad.io is recognized as a successor to the previously sanctioned Blender.io mixer. The firm discovered links between wallets used in previous Lazarus hacks and the wallets holding the stolen funds from Atomic. The Lazarus Group, involved in cybercrime, earns income through cryptocurrency hacks, stealing funds, and laundering them.

Least Authority Exposes Atomic Wallet’s Vulnerabilities in Breach

Least Authority highlighted Atomic Wallet’s vulnerability to breaches in a blog post discussing the attack. The post highlighted Atomic’s implementation issues, inadequate wallet design, and lack of project documentation. Despite its removal, the post serves as a warning sign for the crypto industry.

Hacken suggests hackers may have derived private keys from transaction data visible on the Bitcoin blockchain. Upon investigation, it was revealed that the Android version of Atomic relied on an outdated and vulnerable dependency for transaction signing. There is a possibility of a supply chain attack on the wallet manufacturer or a hack of Atomic’s website.

Atomic CEO Unable to Comment on Hack, Investigation Continues

Solana blockchain scaling startup Jito Labs announced that it successfully recovered over $1 million for a single user. Meanwhile, Atomic CEO Konstantin Gladych couldn’t comment on the possible reason for the hack. The team collects data from affected users and shares it with blockchain analysis firms like Chainalysis, Crystal, and Elliptic. Some exchanges have actively blocked a portion of the funds, effectively preventing their transfer.

Given the hack’s complexity and professional involvement, it’s likely the attackers will escape with the remaining funds. Jito Labs’ impressive response in recovering $1 million for a single user is highly commendable. The incident reminds us that recovery from professional hackers is possible with the right actions in place.

Atomic Wallet Faces Challenges in Compensating Affected Users After Hack

Atomic Wallet, however, has not revealed any official plans regarding compensation for affected users. The service’s decision not to disclose information on law enforcement involvement or ongoing investigations is risky. Recovering from such a massive heist will pose financial and reputational challenges for the company going forward.

The Lazarus Group hack and theft from Atomic Wallet highlight the risks associated with non-custodial wallets. Lax security measures, like those used by Atomic Wallet, increase the risk of future scams. Incidents like these prompt the crypto industry to enhance security measures, particularly regarding wallet protection.

In the world of cryptocurrencies, security is not only a matter of trust but also about implementing robust safety measures. We cannot afford to continue putting ourselves at risk, as this risk can damage both our reputations and our wallets. To prevent unexpected losses, it is crucial to prioritize security when selecting a crypto wallet.
