Multichain crypto wallet Atomic Wallet has been exploited. Early indications suggest that around $35 million was siphoned.
The first signs of the exploits came from users on Crypto Twitter who lamented about losing all their funds and requested a clear response from the team.
Up to $35 million Stolen
With nothing definite coming from the Atomic Wallet team, on-chain sleuth ZachXBT asked those affected to send a transaction hash of the stolen funds.
So far, ZachXBT has been able to account for over $14 million of stolen funds based on the people who contacted him. But he estimated that total stolen funds could be up to $35 million.
The exploit affected over 100 addresses, and assets were stolen across chains, including Bitcoin, Ethereum, Tron, BSC, Cardano, Ripple, Polkadot, Cosmos, Algorand, Avalanche, Litecoin, and Dogecoin.
The funds were stolen between June 2 and June 3. The most significant individual loss is $7.95 million USDT. The five biggest losses account for $17 million, according to ZachXBT.
Meanwhile, ZachXBT stated that $1 million had been rescued. The on-chain sleuth promised to provide more information on how this was done later.
Several bad actors have begun sending phishing links to comment sections to prey on victims. ZachXBT warned the community to be careful of these tweets.
Atomic Wallet is Investigating Incident
However, Atomic Wallet is yet to confirm or deny the reports. The crypto firm said it was investigating and analyzing the situation and promised to share more information soon.
“We are doing all we can to investigate and analyse the situation. As we have more information, we will share it accordingly,” the team tweeted.”
Atomic Wallet was yet to respond to BeInCrypto’s request for comment as of press time.
Due to the lack of information, several users have moved their assets to other wallet service providers. According to Atomic’s website, it has around 5 million users.
Supply Chain Attack?
Wu Blockchain reported that SlowMist suggested the incident was a supply chain attack because Atomic’s official website was recently updated. According to the blockchain security firm, a hacker might have tampered with the software source code on the server for ordinary users to download.
A community member, Tay, pointed out Atomic’s “security posture sucks.” Tay added:
“[Atomic] aggressively silence people, and your products and services facilitate theft on a daily basis and have for years.”
Disclaimer
All the information contained on our website is published in good faith and for general information purposes only. Any action the reader takes upon the information found on our website is strictly at their own risk.