This weekend, several Atomic Wallet users had at least $14 million worth of cryptocurrencies stolen. While the wallet’s teams said they were investigating the causes of the hack, they have since been tight-lipped about the details
Hack in progress on the Web3 Atomic Wallet
On Saturday, teams at cryptocurrency wallet Atomic Wallet informed that they had received several complaints from users who had seen funds disappear, without giving further information, inviting those concerned to contact support:
We have received reports of wallets being compromised. We are doing all we can to investigate and analyse the situation. As we have more information, we will share it accordingly.
For any questions and concerns, contact support@atomicwallet.io
– Atomic – Crypto Wallet (@AtomicWallet) June 3, 2023
In reality, it turns out that there was indeed a hack on the wallet, and that many funds disappeared on several different blockchains.
Atomic Wallet, which is said to have more than 5 million users, works as a piece of software that you install on your computer, and supports more than 1,000 cryptocurrencies, including BTC and ETH in particular.
On-chain detective ZachXBT noted that the largest single loss was $2.8 million USDT, and counted more than $14 million in stolen cryptocurrencies, estimating that the total loss could exceed $20 million:
Some things to note about this hack.
Largest single victim I have observed is for 2.8M USDT. Multiple other losses for 6 figures across different chains.
Thanks to all of the victims who have messaged me their transaction hash. The root cause is still tbd. https://t.co/4sybXUrXBo pic.twitter.com/or2b3eMvIs
– ZachXBT (@zachxbt) June 3, 2023
For his part, Taylor Monahan noted that this wave of attacks would take place between 21:45 UTC on 2 June and 15:30 UTC on 3 June.
The same modus operandi would be used each time: the attacker sends all the altcoins from the target address to another address, then ends up with the native cryptocurrency of the blockchain in question, exchanges everything for that same crypto such as ETH on Ethereum, then sends the funds to a new address:
Earliest Txn Date I have is June 2 2023 @ 21:45 UTC
Latest Txn Date I have is June 3, 2023 @ 15:30pm UTCon-chain the drains look like this:
1. each token and then the base asset is swept from the victims address to a new address
2. the hacker then swaps all the tokens for the…
– Tay (@tayvano_) June 3, 2023
Critical security flaws a priori known
The precise circumstances of these thefts do not yet seem to have been established, but there are indications that the Atomic Wallet teams were aware of critical flaws, but did not take the necessary steps to correct them.
For example, Taylor Monahan shared an archived blog page from blockchain security firm Least Authority, which warned of serious problems as early as February 2022:
Fuck you @AtomicWallet
Fuck you @gladkos
Fuck you @Changelly_team
Your security posture sucks, you refuse to listen to people, you aggressively silence people, and your products and services facilitate theft on a daily basis and have for years.https://t.co/lkpmDauNLO
– Tay (@tayvano_) June 3, 2023
Indeed, one of the passages on this archived page is unequivocal:
“Due to the current state of design and implementation, as detailed in the issues and suggestions described in our final audit report, we do not consider Atomic Wallet to be sufficiently secure to protect user assets and private data. As a result, we strongly recommend that the Atomic Wallet team immediately inform users of existing security vulnerabilities. “
For its part, ZachXBT reports that one million dollars belonging to one of the victims was saved from the hacker’s wallet, without detailing how this was done:
A huge shoutout goes to @buffalu__ @brian_smith_0 for helping us successfully rescue $1m from the Atomic Wallet hacker for one of the victims.
– ZachXBT (@zachxbt) June 4, 2023
At the time of writing, Atomic Wallet had still not given any more precise information, leaving its users in the dark as to what was going to happen next. We therefore strongly recommend that you withdraw your funds from this wallet.
It is also important to consider securing your funds with a hardware wallet.
