A popular cryptocurrency wallet provider has revealed that some of its customers have been compromised in a campaign that has already cost an estimated tens of millions of dollars.
Atomic Wallet, a decentralized wallet that supports over 500 coins and tokens, says its mission is to “provide a convenient way to manage cryptocurrencies.”
But on Saturday, it tweeted that it was starting to receive reports of customers’ wallets being compromised.
“Less than 1% of monthly active users are currently affected/reported. The last drained transaction was seen over 40 hours ago,” it claimed. tweet on monday morning.
“A security investigation is ongoing. We will report the victim’s address to major exchanges and blockchain analytics to track and block stolen funds.”
For more on cryptocurrency theft, cybercriminals exploit hardware wallets to steal around $30,000.
One of the blockchain investigators with the Twitter handle @zackxbt claimed as of Sunday At least $35 million was stolen, with the largest victim losing nearly $8 million and the five largest victims nearly half the total ($17 million).
Over 100 customer wallets were listed as affected by the attack, and compromised users were asked to share their addresses and transaction hashes to determine the scope and scale of the incident.
“The application that Atomic Wallet built was not built in a secure way,” claimed another researcher, “@tayvano_.” on Twitter.
“Either someone pushed a malicious version of the application that steals user keys. It was.”
They claimed that the raids on user wallets detected so far date back to Friday, June 2nd.
Adding further danger to those affected is the emergence of opportunistic scammers online.
Some users took to Twitter and created fake accounts impersonating Atomic Wallet and posting links promising to refund the funds to compromised users. one of the scam accounts It’s also “verified” by Twitter’s golden checkmark, which should indicate a legitimate business.
