Atomic Wallet is facing pushback online after releasing a statement last week that avoided specifics regarding the massive theft of its users’ funds earlier this month.
The non-custodial decentralized wallet company claims “less than 0.1% of Atomic app users have been affected” by the June 3rd hack.
However, Atomic’s statement doesn’t provide an estimate for the total amount of funds stolen, indicate who was behind the hack or reveal any specific details about how the attack happened.
“The team has researched various potential causes, the most probable of which are virus targeting on local users’ devices, infrastructure breach, malware code injection, or a man-in-the-middle attack. At the moment, none of the possible issues are confirmed as potentially causing massive breaches, as such types of attacks are very hard to recognize.”
Elliptic, a blockchain analytics and compliance firm, has independently tracked the compromised crypto wallets and estimates that more than $100 million worth of crypto was stolen. The firm also conducted an analysis that suggests North Korea’s state-sponsored hacking Lazarus Group orchestrated the theft.
In its statement last week, Atomic also chose not to mention any specifics regarding a reimbursement plan for its customers, though the company did say it was working with the blockchain analysis firms Chainalysis and Crystal to track the missing crypto.
“Our top priority is to help as many affected users as we can. We are actively working with crypto incidents investigators and authorities. The next step will be working on a legal framework for seizing frozen deposits and distributing them among affected users.”
Atomic also appeared to shift responsibility for the breach away from itself.
“We want to assure you that Atomic Wallet, as a company, does not store or have access to users’ private keys, thus making the investigation of the root cause more complex. Atomic is essentially a software application to manage users’ crypto on local devices. We don’t ask for any personal information, nor do we store user accounts, etc.
Atomic, as a company, has no custody; developers have never had access to users’ funds. Crypto is stored on the blockchain only, with private keys encrypted on local users’ devices. However, anyone who has access to a user’s seed phrase may import it to any other similar wallet app and get access to funds.”
Atomic says no new cases have been reported since the initial incident on June 3rd, and the wallet firm also notes that its “security infrastructure has been updated.”
Ouriel Ohayon, CEO of the crypto wallet company ZenGo, pressed Atomic on Twitter for more information regarding what that security update actually included.
Other Twitter users bashed the company for not providing any information regarding compensation plan. Some criticized the company for failing to provide more details about how the hack actually happened, and others still accused Atomic of deliberately hiding that information.
Don't Miss a Beat – Subscribe to get email alerts delivered directly to your inboxGenerated Image: Midjourney