According to a recent blog post by Elliptic, a blockchain intelligence firm, users of Atomic Wallet may have been targeted by Lazarus, the notorious hacking group from North Korea.
Group-IB, a cybersecurity firm, has released a report indicating that Lazarus is allegedly behind various notable cryptocurrency thefts. Notably, the report links Lazarus to the infamous 2018 Coincheck hack, recognized as one of the largest cryptocurrency heists in history, in which more than $500 million worth of digital currency was lost.
Early on a Saturday morning, the developers of Atomic, a non-custodial cryptocurrency wallet, disclosed that certain users had experienced security breaches resulting in the loss of funds from their wallets. The company clarified that the affected users constituted less than 1% of their "monthly active users." This announcement came in response to numerous Reddit posts in which users complained about their depleted wallets.
A blockchain investigator named ZachXBT claims that the recent security breach involving Atomic Wallet resulted in the unauthorized acquisition of users' digital assets. The stolen cryptocurrencies allegedly include bitcoin (BTC), ether (ETH), tether (USDT), dogecoin (DOGE), litecoin (LTC), BNB coin (BNB), polygon (MATIC), and Tron-based USDT. The incident is estimated to have had a financial impact of approximately $35 million. However, ZachXBT's claim is unverified and should be treated with caution.
Atomic Wallet vulnerabilities highlighted by Least Authority:
• Inadequate cryptography implementation
• Insufficient adherence to wallet design best practices
• Lack of comprehensive project documentation
• Improper use of the Electron framework
Insights from Hacken's CEO, Dyma Budorin:
• Potential vulnerability in the generation of recovery phrases, making them susceptible to brute-force attacks
• Possibility of mathematical derivation of private keys from Bitcoin blockchain data, as outlined in a recent research paper
• Identification of an outdated and vulnerable dependency in the Android version of Atomic Wallet, specifically related to transaction signing
Impact of the security breach:
• Unauthorized access to users' funds
• Potential theft of funds due to the identified vulnerabilities in Atomic Wallet
Furthermore, the CEO of Atomic declined to provide any insights into the potential cause of the hack when he was approached for comment. However, Gladych investigative firm mentioned that a portion of the stolen funds has been identified on exchanges and subsequently frozen or blocked as a precautionary measure.