North Korean hackers stole $100M from Atomic Wallet users.

Atomic Wallet, a decentralized wallet that does not require a custodian, has been the victim of a significant exploit, resulting in users losing their entire cryptocurrency portfolios. This breach has caused shockwaves throughout the cryptocurrency community, as Atomic Wallet’s core concept is based on users being responsible for securely storing their assets.

The losses resulting from the Atomic Wallet heist have now exceeded $100 million, according to Elliptic’s analysis. This alarming figure emphasizes the severity of the attack, which affected around 5,500 crypto wallets.

Despite the magnitude of the incident, Atomic Wallet has not yet provided any explanation regarding the root cause of these significant losses. This has led to growing concerns from users who are eagerly awaiting clarification and reassurance from the company. Meanwhile, the company’s last Twitter update was on June 7.

Frustrated Atomic Wallet users have taken to Twitter to express their annoyance with the company’s handling of the situation. Ezra Carlson, a Twitter user, shared a tweet tagging Atomic Wallet, asking why the company did not warn him about being hacked and how it was not safe to use Atomic Wallet last week before he transferred his assets and got hacked.

@AtomicWallet why won’t AM give me a straight answer about why they didn’t warn me, knowing full well that they were being hacked, that it was not safe to use AM last week before I made a transfer to my wallet that was then hacked.

— Ezra Carlson (@ezziecarlson) June 13, 2023

Another user, “Real Deal Crypto,” criticized Atomic Wallet for not updating its users about the situation, saying, “Your last update was five days ago – SERIOUSLY?!?!”

@AtomicWallet Your last update was five days ago – SERIOUSLY?!?!

— RealDealCrypto (@hokiefan691S) June 13, 2023

On June 3, Atomic Wallet acknowledged reports of compromised wallets in a tweet but downplayed the impact, stating that less than 1% of its user base had been affected. However, the significant amount of losses suggests a significant breach.

At the moment less than 1% of our monthly active users have been affected/reported. Last drained transaction was confirmed over 40h ago. Security investigation is ongoing. We report victim addresses to major exchanges & blockchain analytics to trace and block the stolen funds.

— Atomic – Crypto Wallet (@AtomicWallet) June 5, 2023

Related: Atomic Wallet hack losses top $35M, on-chain sleuth reports

Elliptic has attributed the heist to the notorious Lazarus Group, which is believed to have stolen over $2 billion in cryptocurrency assets through various thefts. According to Elliptic, this is the first time a significant crypto heist has been openly attributed to the Lazarus Group since its $100 million exploit of Horizon Bridge in June 2022.

After the heist, Elliptic stated that it was collaborating with international investigators and exchanges and utilizing its resources to recover the stolen assets. The company’s efforts have reportedly resulted in the freezing of over $1 million worth of the stolen funds so far. However, the blockchain analysis company noted that “in response to the freezing of these funds, the thief has begun to change their behavior. In particular, they have turned to the Russia-based Garantex exchange to launder the stolen assets.”

The recent attack is one of several notable breaches, including the recent Jimbos Protocol exploit, which resulted in a loss of $7.5 million, and a malicious proposal that seized control of Tornado Cash’s governance in May. According to a Chainalysis report, it is estimated that crypto hackers stole a staggering $3.8 billion in 2022, with a significant portion attributed to attacks linked to North Korea and a large number of exploits targeting decentralized finance protocols.

Magazine: Should crypto projects ever negotiate with hackers? Probably