On-chain Investigation Reveals Atomic Wallet Lost $35 Million

Atomic Wallet statement confirms engaging in-house and external security personnel to unearth the basis and channel of the attack. Preliminary reports on the exploit show lost tokens, erasing of transaction data, and damage to the whole crypto portfolio. 

ZachXBT On-chain Investigation Shows $17 Million Loss

ZachXBT, an on-chain investigator, claims that Atomic Wallet users have lost crypto assets worth at least 35 million dollars. The investigation shows that since June 2, the wallet suffered five biggest losses accumulating to $17 million. 

Atomic Wallet acknowledged the exploit in a tweet post confirming opening the investigations to establish the reason for the attack. Prevailing reports have highlighted issues such as lost tokens, the erasure of transactional histories, and the theft of whole crypto portfolios.

ZachXBT plays a critical role in tracking stolen crypto funds and hacked projects. Its recent independent investigation revealed that the biggest victim suffered a Tether loss of $7.95 million. ZachXBT admitted that the investigations are revealing more victims, a reason it estimates the loss to exceed $50 million.  

Exploit Victims Blame Atomic Wallet for Nonaction 

Atomic Wallet believes it has more than five million users across the globe. A preliminary interview with a loyal client who lost digital wealth in the exploit blames the company. The cybersecurity expert claims to have lost $1 million in crypto holdings, including Bitcoin.

The cyber security expert also stated that despite claims that the matter is being investigated, nothing concrete has been established. The funds presently held at Atomic Wallet were to develop a cybersecurity organization in Turkey.

Since Atomic is a noncustodial-decentralized wallet, its users are responsible for all the assets the application stores. According to a Terms of Service quote, any liabilities concerning on-chain damages users suffer are unacceptable. Atomic Wallet does not compensate for damages attributed to services surpassing $50.

Atomic Wallet Devote to Verify Users’ Accounts

Currently, leading security organizations have partnered to conduct investigations. Despite no findings, the team is trying to establish probable attack vectors. The security entities allege that Atomic Wallet has offered scanty information to users. 

According to a Sunday, June 4 tweet, Atomic Wallet claimed that its support team is gathering victims’ addresses and trying to track and block the stolen funds by contacting major blockchain analytics organizations and exchanges. Persons contacting the organization must answer more than 20 queries concerning using private networks (VPNs), internet providers, and seed phase storage.

Outdated Dependency Package Blamed for the Attack

Via Telegram’s community platforms, some individuals claimed that an out-of-date dependency package was the source of the exploit. Dependency packages refer to the link between the activities to be executed within a program, which includes the order of execution and the libraries required for their implementation.

This attack is just one of the organizations affected by crypto hacks. Examples of cases reported in the past include a malicious proposal that took control of the governance of Tornado Cashback in May and a Jimbos Protocol exploits amounting to $7.5 million. According to a Chainalysis report, crypto hackers were involved in the theft of 3.8 billion dollars last year. The theft often occurred via North Korean-associated attacks using decentralized finance procedures.

Analysis by the blockchain compliance analytics Elliptic shows the attacker sent the proceeds to the crypto mixer Sinbad.io. The platform was previously utilized by North Korea’s hackers Lazarus Group to conceal their $100M exploit.