Incident

Atomic Wallet Major Cybersecurity Breach

Take action: This is a rare and very unfortunate attack vector: compromise of the application code itself. If you develop code, implement rigid code review and approval practices for all critical components of the system, so that it is very difficult for any one person to inject malicious code without another person reviewing and approving it.


Learn More

Atomic Wallet, a popular cryptocurrency wallet provider, is currently investigating a major cybersecurity incident involving a significant breach. Preliminary estimates suggest that hundreds of millions of dollars' worth of cryptocurrency has been stolen from private wallets. This has caused alarm, particularly among Australian users.

At least $35 million worth of crypto assets have been confirmed stolen from Atomic Wallet users since the 2nd of June.

Google has suspended downloads and updates for the Atomic Wallet app in Australia.

Initial investigations point to a malicious server-side update as the attack vector for the breach. Users have described a forced app update that preceded the loss of their entire cryptocurrency balance.

It appears that the security breach occurred on Atomic Wallet's compromised cloud server, allowing the attacker to tamper with the application code and introduce a fraudulent update.

While private keys are not stored on the server, the compromised version of the app was able to read and transmit the keys to the hacker. Upon logging in, users were prompted to install the involuntary "new version," which contained the malicious code. The tampered update likely included a crypto-stealing trojan, which intercepted and extracted users' private keys. These keys are crucial for the security of cryptocurrency wallets, and by obtaining them, the attacker gained access to users' cryptocurrency assets, resulting in the large-scale theft.

This suspected breach method raises concerns about the security protocols at Atomic Wallet, as it appears that the unauthorized modification of the software on the compromised server went undetected before being rolled out to end-users. The incident underscores the vulnerabilities that exist in cryptocurrency platforms and highlights the urgent need for robust security measures to safeguard user assets.
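One way to turn the review-and-approval advice above into a pre-rollout check that would flag a build modified on the server after review. This is an added example, not Atomic Wallet's code; the reviewer names, keys and the `release_allowed` gate are hypothetical, and HMAC stands in for per-reviewer asymmetric signatures whose keys would be kept off the update server.

```python
import hashlib
import hmac

# Constructed reviewer keys (hypothetical). HMAC is a stdlib stand-in for
# asymmetric signatures made with keys that never touch the update server.
REVIEWER_KEYS = {
    "alice": b"constructed-key-alice",
    "bob": b"constructed-key-bob",
    "carol": b"constructed-key-carol",
}
REQUIRED_APPROVALS = 2


def digest(artifact: bytes) -> str:
    """SHA-256 of the exact bytes that would be shipped to users."""
    return hashlib.sha256(artifact).hexdigest()


def approve(reviewer: str, artifact: bytes) -> dict:
    """Record a reviewer's approval of one exact build, bound to its digest."""
    d = digest(artifact)
    tag = hmac.new(REVIEWER_KEYS[reviewer], d.encode(), hashlib.sha256).hexdigest()
    return {"reviewer": reviewer, "digest": d, "tag": tag}


def release_allowed(staged: bytes, author: str, approvals: list) -> bool:
    """Allow rollout only if enough distinct non-author reviewers approved
    the exact bytes currently staged on the update server."""
    staged_digest = digest(staged)
    valid = set()
    for a in approvals:
        key = REVIEWER_KEYS.get(a.get("reviewer"))
        if key is None or a["reviewer"] == author:
            continue  # unknown reviewer, or the author approving their own change
        expected = hmac.new(key, staged_digest.encode(), hashlib.sha256).hexdigest()
        # The tag must verify over the staged digest, so an approval of a
        # different build, or a forged tag, does not count.
        if a.get("digest") == staged_digest and hmac.compare_digest(a.get("tag", ""), expected):
            valid.add(a["reviewer"])
    return len(valid) >= REQUIRED_APPROVALS
```

The gate re-hashes what is actually staged rather than trusting a digest stored next to it, so a change made to the artifact after approval fails the check.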

In response to numerous complaints across forums and social media platforms, Atomic Wallet acknowledged the breach on its Twitter account and assured users that an investigation is currently underway. The company stated that it is working with leading security firms to identify the attack vectors and is actively gathering information from affected users. Additionally, they have reached out to major exchanges and blockchain analytics companies to track and potentially block the stolen funds.
