A Non-Custodial wallet, Atomic Wallet, being compromised - page 2.

BitcoinsGreat

sr. member

Activity: 1022

Merit: 280

Quote from: Z-tight on September 26, 2023, 03:33:28 PM

Quote from: BitcoinsGreat on September 26, 2023, 10:34:36 AM

Do we have the data revealing how many users were using the atomic wallet before the hack and how many people are still using this wallet?

No, we cannot get that data, but Atomic wallet claims that the hack only affected less than 0.1% of their userbase, so if that is true, maybe so many people who don't know the right thing to do would still be using Atomic wallet.

Everyone who hears this news should stop using it even if they do not fall in this 0.1% category. Once hacked, it can be exploit again either by the hackers or by the team themselves.

Quote from: Z-tight on September 26, 2023, 03:33:28 PM

Even if they were not hacked, it is still not recommended to use closed source wallets like Atomic wallet or Trust wallet.

Trust Wallet is even more widely used than the Atomic wallet. By the way, if all closed source wallets are not recommended, why do we use/promote Ledger Nano (Hardware Wallet) ? It is also a closed source as I know.

Wind_FURY

legendary

Activity: 2898

Merit: 1823

Quote from: BlackHatCoiner on September 26, 2023, 03:56:41 PM

Quote from: Wind_FURY on September 23, 2023, 09:41:20 AM

They should probably start shutting down they're infrastructure, stop downloads of their software, post warnings in their website. A smart hacker could be collecting a list of wallets they can steal coins from and they're probably preparing the logistics of how they can take all of them in one attack.

Maybe, I say maybe, that little smart hacker is Atomic wallet themselves. Just a wild conspiracy theory there! Cheesy

Hahaha then let's add more to that conspiracy theory. Maybe, just "maybe", Atomic Wallet's developers are state-sponsored developers waiting for the right time to cause a wave of chaos which perhaps could make a bear-market-causing-crash. - They will execute their exploit/back-door during the new ATH of the next bull cycle, most probably it will be on 2025 or 2026.

Plus did anyone notice that the exploits stop when users start to "notice things".

¯\_(ツ)_/¯

BlackHatCoiner

legendary

Activity: 1512

Merit: 7340

Farewell, Leo

Quote from: Wind_FURY on September 23, 2023, 09:41:20 AM

They should probably start shutting down they're infrastructure, stop downloads of their software, post warnings in their website. A smart hacker could be collecting a list of wallets they can steal coins from and they're probably preparing the logistics of how they can take all of them in one attack.

Maybe, I say maybe, that little smart hacker is Atomic wallet themselves. Just a wild conspiracy theory there! Cheesy

Quote from: BitcoinsGreat on September 26, 2023, 10:34:36 AM

Do we have the data revealing how many users were using the atomic wallet before the hack and how many people are still using this wallet?

Lol. Would you trust data coming from a company that literally has nothing to say about their software ripping off millions of users' coins? I'm quite having the impression Atomic wallet is closed-source for if it wasn't, even an undergraduate student of CS would be capable of correcting their repo.

Z-tight

hero member

Activity: 994

Merit: 1089

Quote from: BitcoinsGreat on September 26, 2023, 10:34:36 AM

Do we have the data revealing how many users were using the atomic wallet before the hack and how many people are still using this wallet?

No, we cannot get that data, but Atomic wallet claims that the hack only affected less than 0.1% of their userbase, so if that is true, maybe so many people who don't know the right thing to do would still be using Atomic wallet.

Quote from: BitcoinsGreat on September 26, 2023, 10:34:36 AM

To be frank, even if they tell us, what happened, we shouldn't trust them and should not be using that wallet again.

Even if they were not hacked, it is still not recommended to use closed source wallets like Atomic wallet or Trust wallet.

OmegaStarScream

staff

Activity: 3500

Merit: 6152

Quote from: BitcoinsGreat on September 26, 2023, 10:34:36 AM

Do we have the data revealing how many users were using the atomic wallet before the hack and how many people are still using this wallet?
-snip-

They claim to have 5 million users[1]. It's difficult to say how many have left though, since there is no trading volume, or live data to look at but I don't think many have left because not that many people have lost their funds (again, according to the team).

Quote from: https://economictimes.indiatimes.com/tech/technology/atomic-wallet-faces-security-breach-loses-over-35-million-in-cryptocurrency/articleshow/100760882.cms?utm_source=contentofinterest&utm_medium=text&utm_campaign=cppst

Atomic Wallet boasts a user base of over 5 million individuals worldwide
-snip-

BitcoinsGreat

sr. member

Activity: 1022

Merit: 280

Quote from: NotATether on September 26, 2023, 09:44:28 AM

So it looks like Atomic Wallet has absolutely no interest in revealing what was happening to its infrastructure, and tried to put profit over its users or is trying its best to avoid absolute collapse. Whatever is happening, it does not look good for Atomic at all.

Do we have the data revealing how many users were using the atomic wallet before the hack and how many people are still using this wallet?

To be frank, even if they tell us, what happened, we shouldn't trust them and should not be using that wallet again.

NotATether

legendary

Activity: 1568

Merit: 6660

bitcoincleanup.com / bitmixlist.org

So it looks like Atomic Wallet has absolutely no interest in revealing what was happening to its infrastructure, and tried to put profit over its users or is trying its best to avoid absolute collapse. Whatever is happening, it does not look good for Atomic at all.

Cricktor

hero member

Activity: 714

Merit: 1010

Crypto Swap Exchange

When I read DaveF's update I had such an intense urge to rant on this [censored] wallet provider giving the probably lamest excuse next to being completely silent. But then self-imposed forum behavior protocol rules were auto-triggered and I slept over it (multiple times moving between rant and na, not worth it, you ranted already, nothing new to say).

Nearly four months have passed and this wallet provider has nothing more to post publicly than "not our fault, looking in to it"?? That's not even a bad joke, that's worse than that. My gutt feeling tells me, they know exactly why they are basically not telling anything. But that's just my speculative thoughts.

Users of Atomic Wallet should take appropriate action and consequences. Anyone who loses coins with Atomic Wallet in the future has to blame themselves for being ignorant and reckless.

virasog

legendary

Activity: 3136

Merit: 1172

Leading Crypto Sports Betting & Casino Platform

Quote from: DaveF on September 22, 2023, 06:42:12 AM

They made an update to June 3rd Event Statement the other say.
Still says 'not our fault, looking in to it'
https://atomicwallet.io/blog/articles/june-3rd-event-statement

I'm guessing that they hope it just quietly fades away and drops from peoples memories.

-Dave

Please find the snip from the same article.

Quote

In light of the reports from our users on the 3rd of June, we immediately changed access to all our servers and switched our internal processes to 'under attack mode'. In addition, we are working on a security app update to reduce the chances of potential future attacks. We strongly encourage all our users to keep their wallet apps updated to the latest versions.

Giving lame excuses and what's more, encouraging the users to keep using the same closed source wallet.
If they cared so much about the people, they would have announced that they would be moving towards open source, but not to be.

Anyone who will still trust them is responsible for their loss if the same hack happens again.

Wind_FURY

legendary

Activity: 2898

Merit: 1823

Quote from: DaveF on September 22, 2023, 06:42:12 AM

They made an update to June 3rd Event Statement the other say.
Still says 'not our fault, looking in to it'
https://atomicwallet.io/blog/articles/june-3rd-event-statement

I'm guessing that they hope it just quietly fades away and drops from peoples memories.

-Dave

They should probably start shutting down they're infrastructure, stop downloads of their software, post warnings in their website. A smart hacker could be collecting a list of wallets they can steal coins from and they're probably preparing the logistics of how they can take all of them in one attack.

Shower thought. It's 2025, Bitcoin is in a bull cycle priced at $100,000 per coin, THEN the Atomic Wallet hacker steals more than $1 Billion in Bitoin in one hour.

¯\_(ツ)_/¯

Z-tight

hero member

Activity: 994

Merit: 1089

Quote from: DaveF on September 22, 2023, 06:42:12 AM

I'm guessing that they hope it just quietly fades away and drops from peoples memories.

And that's exactly what's going to happen, the people who lost funds aren't getting it back for sure, so the only reason why people probably need answers as to what exactly happened is to mitigate a future occurrence. But again, why would people still be using Atomic wallet or any other closed source wallet after what happened, you'll think that most of them would have moved to well reviewed open source wallets like Electrum, but you'd be surprised at the number of victims there would be if another closed source wallet or centralized exchange is hacked or compromised today.

DaveF

legendary

Activity: 3500

Merit: 6320

Crypto Swap Exchange

They made an update to June 3rd Event Statement the other say.
Still says 'not our fault, looking in to it'
https://atomicwallet.io/blog/articles/june-3rd-event-statement

I'm guessing that they hope it just quietly fades away and drops from peoples memories.

-Dave

Z-tight

hero member

Activity: 994

Merit: 1089

Quote from: RickDeckard on August 11, 2023, 07:48:14 PM

Plus, their users are still being silenced by the company[2]. For anyone still thinking in using this service - don't do it if you care for your assets.

It is disgraceful honestly, they say they are removing the posts because of privacy and security reasons, when did people posting about the money they lost in a hacked wallet and also requesting for updates become a security and privacy risk. Disgraceful behaviour from Atomic Wallet, after this i don't think any update should even be expected from them on this case, i hope people who still use this wallet understands that they are closed source and they are now acting shady.

RickDeckard

legendary

Activity: 1148

Merit: 3117

After a small hiatus from my side, I remembered to check back on this event for any updates - It didn't come as a surprise but it has been now 3 months after the drainage of millions of users assets and no kind of update has been given to them (other than the one made 06/20[1]) by Atomic Wallet. Plus, their users are still being silenced by the company[2]. For anyone still thinking in using this service - don't do it if you care for your assets.

[1]https://atomicwallet.io/blog/june-3rd-event-statement
[2]https://libreddit.pussthecat.org/user/atomicwallet

BlackHatCoiner

legendary

Activity: 1512

Merit: 7340

Farewell, Leo

Quote from: logfiles on July 23, 2023, 07:57:51 PM

I would treat it the same as a centralized exchange or a service that has already been completely compromised.

I'd actually trust a centralized exchange more than that. At least if you register on some popular, regulated exchange you know that you're sending your coins to some licensed company. Sure, it can go bankrupt or/and hacked, but at least you know it isn't your fault. There is no way to know with certainty you made some mistake here during wallet creation. The software is closed-source; the developers can rip you off, blame it to you, and you could have nothing to say in your defense.

Z-tight

hero member

Activity: 994

Merit: 1089

Quote from: sheenshane on July 23, 2023, 08:27:00 PM

The hacked activities were made by their team who is behind on this major issue? (because I'm thinking this way)

We can only speculate, but from what i have read about the hack, many people are suspecting this to be what happened, it was probably an inside job, maybe someone in their team added something malicious to their code, but until Atomic Wallet tells us what happened, we can only speculate, that's why closed source wallets aren't good.

Quote from: sheenshane on July 23, 2023, 08:27:00 PM

Newbies should stay away from this wallet since there are a lot of issues and it's not completely open source.

Newbies should not only stay away from Atomic Wallet, but all closed source wallets, like Trust Wallet, the victims this time is users of Atomic Wallet, but who knows the closed source wallet that is next.

sheenshane

legendary

Activity: 2366

Merit: 1206

Quote from: logfiles on July 23, 2023, 07:57:51 PM

I would treat it the same as a centralized exchange or a service that has already been completely compromised.

Exactly, I saw a lot of complaints regarding this Atomic wallet the same on this thread which you also commented on those links of hacked issues.

What do you think?
The hacked activities were made by their team who is behind on this major issue? (because I'm thinking this way)
Newbies should stay away from this wallet since there are a lot of issues and it's not completely open source.

logfiles

copper member

Activity: 2114

Merit: 1794

Top Crypto Casino

Quote from: daworm06 on July 22, 2023, 09:57:01 PM

I was one of those hacked. I always use atomic wallet on a dedicated laptop that is not used for anything else other than a wallet. I couldn't get my EOS to send, so support recommended I download the wallet to another device and I did, to my cell phone on May 31, from the Apple store. I believe that my account was compromised when I entered the seed phrase on my Iphone. What do you think?

Very likely, though not conclusive.

This particular issue involved lots of innocent users, and the team behind atomic wallet have not yet given any clear explanation about the exploit.

Quote from: DaveF on July 21, 2023, 06:49:40 AM

Just did a quick look around, has there been ANY update anywhere on this?

At this point they are not ever going to be considered secure again, but they seem to have just stopped mentioning it and as far as I can tell so have a lot of the online places that I read

They were never secure in the first place (in regard to not having an open source code) Wink

Pretty messed up wallet and the team behind it. I would treat it the same as a centralized exchange or a service that has already been completely compromised.

Z-tight

hero member

Activity: 994

Merit: 1089

Quote from: daworm06 on July 22, 2023, 09:57:01 PM

I was one of those hacked. I always use atomic wallet on a dedicated laptop that is not used for anything else other than a wallet. I couldn't get my EOS to send, so support recommended I download the wallet to another device and I did, to my cell phone on May 31, from the Apple store. I believe that my account was compromised when I entered the seed phrase on my Iphone. What do you think?

Sorry for your loss, but downloading the same Atomic Wallet software into another device couldn't have helped to protect you, that is because with the number of Atomic Wallet users who had their wallets compromised, it surely wasn't a local issue, but one that was wrong with the Atomic wallet software.

You should have used your seed phrase to import your wallet into a recommended software like Electrum, and send your funds immediately into another wallet with an Electrum seed phrase. It is going to be difficult to know exactly why you were hacked because even Atomic Wallet haven't provided an update on what caused the multiple attacks to their customers. Don't use closed source wallets, use open source wallets like Electrum, Sparrow or BlueWallet, or open source hardware wallets like Passport to store your funds.

Cricktor

hero member

Activity: 714

Merit: 1010

Crypto Swap Exchange

Quote from: daworm06 on July 22, 2023, 09:57:01 PM

... I couldn't get my EOS to send, so support recommended I download the wallet to another device and I did, to my cell phone on May 31, from the Apple store. I believe that my account was compromised when I entered the seed phrase on my Iphone. What do you think?

Did you thoroughly check that you downloaded the correct app from Apple store? While it's rare, sometimes malicious apps can sneak into Apple store, too. Apple store verifications are not without errors and oversights.

How did you enter your wallet recovery words on your iPhone? Carefully typing by hand (assuming the keyboard app is safe) from an analog source or did you use some copy/paste actions from a digital source?

There's a lot that can go wrong if you're not aware of pitfalls and your descriptions lacks quite some details to judge what might have gone wrong. To be clear: I don't want to defend Atomic Wallet in any way. They brushed away valid security concerns of their product from past audit(s) without addressing them properly. I'm not convinced that Atomic Wallet knows what they're doing with their complex product.

Topic: A Non-Custodial wallet, Atomic Wallet, being compromised - page 2. (Read 2551 times)