The Atomic Wallet development team is currently investigating reports of a significant cryptocurrency theft from users’ wallets, resulting in the loss of more than $35 million. Atomic Wallet is a cryptocurrency wallet available for desktop and mobile devices, catering to various operating systems like Windows, Android, iOS, macOS, and Linux.
On June 3rd, Atomic Wallet acknowledged the reports of compromised wallets and announced their initiation of an investigation into the matter. Via Twitter, they assured users that they were actively looking into the situation and would share updates as more information became available.
In a recent tweet, Atomic Wallet disclosed their collaboration with external security firms to conduct a joint investigation, aiming to identify potential attack vectors and impede the sale of the pilfered funds on exchanges. The developers have taken precautionary measures by taking down their download server, ‘get.atomicwallet.io,’ presumably to prevent further compromises and potential breaches.
An individual named ZachXBT, who specializes in blockchain analysis, has been monitoring the transactions involving funds stolen from Atomic Wallet victims. According to ZachXBT, the compromised amount exceeds $14 million across various cryptocurrencies such as Bitcoin, Ethereum, Tron, Binance Smart Chain (BSC), Cardano, Ripple, Polkadot, Cosmos, Algorand, Avalanche, Stellar, Litecoin, and Dogecoin. Subsequently, additional transactions have elevated the total stolen amount to over $35 million.
Tay, a crypto security researcher, revealed that the earliest transaction related to the pilfered Atomic Wallet assets occurred on Friday, June 2nd, at 21:45 UTC.
A cryptocurrency theft occurred over the weekend.
Over the weekend, users of Atomic Wallet took to Twitter and the developer’s Telegram channel to report instances of cryptocurrency being stolen from their Atomic Wallet wallets.
In response to the reports, Atomic Wallet is now actively gathering information from the victims. They are requesting details regarding the users’ operating systems, the source from which they downloaded the software, actions performed prior to the theft, and the storage location of the backup phrase.
To aid in the investigation, a Google Docs form has been created where victims can submit the requested information and more.
While some users attribute the theft to a recent software update, others claim that their cryptocurrency was stolen despite never having performed an update.
The exact method of compromise remains unclear at this time. Meanwhile, users are advised to transfer their crypto assets to alternative wallets while the developers conduct their security investigation.
BleepingComputer reached out to Atomic Wallet for further details regarding the attack, but a response was not immediately provided.