Atomic Wallet, the decentralized wallet provider, has finally released a comprehensive “event statement” regarding the exploit that occurred in early June. However, despite the release of this statement, Atomic Wallet users are still left with unanswered questions and a lingering sense of skepticism.
The statement announced in a Tweet on June 21, comes as the first major update from Atomic Wallet since the exploit occurred. The incident, which has been estimated to have resulted in losses of up to $100 million, has left users hungry for more information about the actual cause of the breach.
June 3rd event Statement. To summarise, less than 0.1% of Atomic app users have been affected. Since then, no new cases have been reported.
None of the possible issues are confirmed as potentially causing massive breaches, at least in the latest app versions. Builds are verified… pic.twitter.com/YTcOFpo3M3
— Atomic – Crypto Wallet (@AtomicWallet) June 21, 2023
Atomic Wallet Reveals Exploit Details: Users Seek Answers
Atomic Wallet maintains that there have been no new confirmed cases following the initial reports of the hack, and it reiterates its previous claim that less than 0.1% of app users were affected. However, this figure has been met with disbelief by many, who refute the company’s assertion.
The wallet provider, unfortunately, did not shed light on the exact nature of the exploit. Instead, it outlined four “probable” causes, including a virus on user devices, an infrastructure breach, a man-in-the-middle attack, or malware code injection. It emphasized that none of these scenarios have been confirmed as the root cause of the massive breaches. It did mention, however, that its security infrastructure has been updated.
The Web3 wallet provider has also stated that it is working on an app update to enhance security, which it claims has been verified by external auditors.
Nevertheless, certain aspects of the statement have raised questions among users. Yevhenii Bezuhlyi, the former head of smart contract audit at cybersecurity firm Hacken, inquired about the identity of the mentioned “external auditors” and the availability of their statements.
Meanwhile, Ouriel Ohayon, CEO of rival wallet provider ZenGo, questioned why Atomic Wallet needed to update its security infrastructure and what prompted such a measure.
Critics have pointed out that the wide range of potential causes suggested by Atomic Wallet indicates a lack of understanding regarding the true nature of the exploit.
Allegations of Internal Breach and Cover-Up Emerge
User frustration continues to mount as the official statement from Atomic Wallet fails to address all concerns adequately. One user points out that their private keys were securely stored on a piece of paper in a safe, indicating an internal breach or vulnerability exploited within Atomic’s app or server. The user questions the visibility of their keys within the app, suggesting that Atomic Wallet stores the keys somewhere, contrary to their claim.
Another user accuses Atomic Wallet of orchestrating a cover-up and suspects that the hackers gained access to users’ seed phrases due to security flaws in the latest application. They allege that the hack was an internally planned event.
Furthermore, disgruntled users express their dissatisfaction with Atomic Wallet’s claim that only 0.1% of users were affected, labeling it a huge lie and demanding transparency. They find it hard to believe that a theft of $50 million could occur with such a small percentage of affected users.
Some users further point out that subsequent hacks occurred after June 3, contrary to Atomic Wallet’s repeated reference to that date. They emphasize that their accounts were hacked on June 4 and believe there are others with similar experiences.
Why do you keep referring to June 3rd like no other hack took place after this date?? I've filled in the form as you asked and my account was hacked on the 4th of June and I'm sure there are others like me!
— Ak (@Hussain31099124) June 21, 2023
As the investigation into the Atomic Wallet exploit continues, users eagerly await further updates and concrete actions from the wallet provider to address their concerns and provide a sense of reassurance in the security of their digital assets.