This weekend, several Atomic Wallet users had at least $14 million worth of cryptocurrency stolen. While the wallet teams indicated that they were conducting research into the causes of this hack, they have since been stingy with information.
Web3 Atomic Wallet hack in progress
On Saturday, the Atomic Wallet cryptocurrency wallet teams informed that they had received several complaints from users who had seen funds disappearwithout giving more information, inviting the persons concerned to contact the support:
We have received reports of wallets being compromised. We are doing all we can to investigate and analyze the situation. As we have more information, we will share it accordingly.
For any questions and concerns, contact [email protected]
— Atomic – Crypto Wallet (@AtomicWallet) June 3, 2023
In reality, it turns out that there was indeed a hack on the wallet, and that many funds have disappeared on several different blockchains. Atomic Wallet, which would have more than 5 million users, works like software to be installed on your computer, and supports more than 1000 cryptocurrencies, including BTC and ETH in particular.
On-chain sleuth ZachXBT noted that the biggest single loss was 2.8 million USDT, and identified more than $14 million in stolen cryptocurrenciesestimating that the total damage could exceed 20 million:
Some things to note about this hack.
Largest single victim I have observed is for 2.8M USDT. Multiple other losses for 6 figures across different chains.
Thanks to all of the victims who have messaged me their transaction hash. The root cause is still tbd. https://t.co/4sybXUrXBo pic.twitter.com/or2b3eMvIs
— ZachXBT (@zachxbt) June 3, 2023
For his part, Taylor Monahan noted that this wave of attacks would be between June 2, 21:45 UTC and June 3, 15:30 UTC.
The same modus operandi would be reused every time : the attacker sends all the altcoins from the target address to another address, then ends up with the native cryptocurrency of the blockchain in question, exchanges everything for this same crypto like ETH on Ethereum, then sends the funds to a new address:
Earliest Txn Date I have is June 2 2023 @ 21:45 UTC
Latest Txn Date I have is June 3, 2023 @ 15:30pm UTCon-chain the drains look like this:
1. each token and then the base asset is swept from the victims address to a new address
2. the hacker then swaps all the tokens for the…
— Tay 💖 (@tayvano_) June 3, 2023
👉 To go further — How to secure your cryptocurrencies? Interview with Charles Guillemet de Ledger
The best way to secure your cryptocurrencies?
? Buy, trade, grow and manage over 5,500 cryptos
🎧 Listen to this article and all other crypto news on Spotify
Known critical security vulnerabilities
The precise circumstances of these thefts do not yet seem to be established with precision, however, elements imply that Atomic Wallet teams were aware of critical flawswithout having taken the necessary measures to correct them.
For example, Taylor Monahan shared an archived blog page from blockchain security firm Least Authority, which warned of serious problems as early as February 2022:
Fuck you @AtomicWallet
Fuck you @gladkos
Fuck you @Changelly_team
Your security posture sucks, you refuse to listen to people, you aggressively silence people, and your products and services facilitate theft on a daily basis and have for years.https://t.co/lkpmDauNLO
— Tay 💖 (@tayvano_) June 3, 2023
Indeed, one of the passages on this archived page is unequivocal :
“Due to the current state of design and implementation, as detailed in the issues and suggestions outlined in our final audit report, we consider Atomic Wallet to be insufficiently secure to protect user assets. and their private data. Therefore, we strongly recommend the Atomic Wallet team to immediately notify users of existing security vulnerabilities. »
For its part, ZachXBT indicates that a million dollars belonging to one of the victims could have been saved from the hacker’s walletwithout detailing how it was done:
A huge shoutout goes to @buffalu__ @brian_smith_0 for helping us successfully rescue $1m from the Atomic Wallet hacker for one of the victims.
— ZachXBT (@zachxbt) June 4, 2023
Note that during the writing of these lines, Atomic Wallet had still not given more precise information, leaving its users in total limbo as to the sequence of events. As a result, we strongly recommend that you withdraw your funds from this wallet.
On the other hand, it is also important to consider securing these with a hardware wallet.
👉 Also in the news — DeFi: In May, investors lost more money in rug pulls than in hacks
Our service dedicated to cryptocurrency investors. Get real-time analytics and optimize your crypto portfolio.
Source: Least Authority
Newsletter 🍞
Receive a summary of crypto news every Monday by email 👌
What you need to know about affiliate links. This page presents assets, products or services relating to investments. Some links in this article are affiliated. This means that if you buy a product or register on a site from this article, our partner pays us a commission. This allows us to continue to offer you original and useful content. There is no impact on you and you can even get a bonus by using our links.
Investments in cryptocurrencies are risky. Cryptoast is not responsible for the quality of the products or services presented on this page and could not be held responsible, directly or indirectly, for any damage or loss caused following the use of a good or service highlighted in this article. Investments related to crypto-assets are risky by nature, readers should do their own research before taking any action and only invest within the limits of their financial capabilities. This article does not constitute investment advice.
AMF recommendations. There is no guaranteed high return, a product with high return potential involves high risk. This risk-taking must be in line with your project, your investment horizon and your ability to lose part of this savings. Do not invest if you are not ready to lose all or part of your capital.
To go further, read our Financial Situation, Media Transparency and Legal Notices pages.