Upland: Berlin is here!

Atomic Wallet, which was hacked on June 3, is narrowing down the likely cause of the breach, according to a recent report. statement.

The non-custodial platform said in a statement that the breach could have been caused by a virus, malware code injection, infrastructure compromise, or man-in-the-middle attack on local user devices.

In a man-in-the-middle attack, the perpetrator intercepts communications between two parties, such as the atomic wallet and the user, and steals information. Atomic Wallet claims that none of the listed causes have been confirmed, suggesting that the exact cause of the breach remains unknown. There it was stated:

“At this time, this type of attack is very difficult to recognize, and we have not seen any issues that could lead to a large-scale compromise.”

The company added that it does not store or have access to users’ private keys, which complicates investigating the exact cause of the breach.

Atomic Wallet is trying to recover stolen assets

Atomic Wallet said it changed access to its servers and put its internal processes into “under attack mode” as soon as it received reports of the hack. The platform has also suspended app downloads and updates.

The company is working on security updates to its apps to “reduce the likelihood of future attacks.”

Atomic Wallet worked with Chainalysis and Crystal to conduct an ongoing investigation into the attack. Chainalysis said in a June 13 report that Atomic Wallet users lost more than $100 million in total in the attack. About $1 million of the stolen assets were frozen on exchanges at the time.

According to Atomic Wallet, the stolen funds have been laundered through cryptocurrency mixers and other services, but “most of it is still traceable.” The platform works with major exchanges to freeze stolen funds. However, users should wait until all stolen assets are seized before they can expect to recover their losses. The company said:

“We are actively cooperating with investigators and authorities in cryptocurrency cases. Our next step will be to work on a legal framework for seizing and distributing frozen deposits to affected users.” .”

users are frustrated

Since the breach, Atomic Wallet users have been frustrated by the lack of updates from the company. While the June 20 statement provided some insight, it was unlikely to provide the clarity users were looking for.

many users remain not satisfied There is a lack of specific details about compensation plans and when assets will be returned. The company claimed that less than 0.1% of Atomic Wallet app users were affected by the hack, although some users disputed the hack.

Additionally, Atomic Wallet said its build was “verified by an external auditor.” Yevhenii Bezuhlyi, former head of smart contract audit at cybersecurity firm Hacken, said: questioned Who is the auditor and where is the auditor’s statement?

About the 2021 Audit by the Auditor Least Privilege said A blog update written in February 2022 said the platform was “poorly secure” and exposed users to “significant risks.” The post has since been unpublished from the website, and a search for the “atomic” wallet yielded no results. However, CryptoSlate was able to access it. Archive version.

CryptoSlate has contacted the Least Authority, but has not received a response as of this writing.

Additionally, Least Privilege said they believe Atomic Wallet did not address some of the issues raised in the initial audit.

By Jules

Leave a Reply