Topic: A Non-Custodial wallet, Atomic Wallet, being compromised - page 2. (Read 2334 times)
So it looks like Atomic Wallet has absolutely no interest in revealing what was happening to its infrastructure, and tried to put profit over its users or is trying its best to avoid absolute collapse. Whatever is happening, it does not look good for Atomic at all.
When I read DaveF's update I had such an intense urge to rant on this [censored] wallet provider giving the probably lamest excuse next to being completely silent. But then self-imposed forum behavior protocol rules were auto-triggered and I slept over it (multiple times moving between rant and na, not worth it, you ranted already, nothing new to say).
Nearly four months have passed and this wallet provider has nothing more to post publicly than "not our fault, looking in to it"?? That's not even a bad joke, that's worse than that. My gutt feeling tells me, they know exactly why they are basically not telling anything. But that's just my speculative thoughts.
Users of Atomic Wallet should take appropriate action and consequences. Anyone who loses coins with Atomic Wallet in the future has to blame themselves for being ignorant and reckless.
Nearly four months have passed and this wallet provider has nothing more to post publicly than "not our fault, looking in to it"?? That's not even a bad joke, that's worse than that. My gutt feeling tells me, they know exactly why they are basically not telling anything. But that's just my speculative thoughts.
Users of Atomic Wallet should take appropriate action and consequences. Anyone who loses coins with Atomic Wallet in the future has to blame themselves for being ignorant and reckless.
They made an update to June 3rd Event Statement the other say.
Still says 'not our fault, looking in to it'
https://atomicwallet.io/blog/articles/june-3rd-event-statement
I'm guessing that they hope it just quietly fades away and drops from peoples memories.
-Dave
Still says 'not our fault, looking in to it'
https://atomicwallet.io/blog/articles/june-3rd-event-statement
I'm guessing that they hope it just quietly fades away and drops from peoples memories.
-Dave
Please find the snip from the same article.
Quote
In light of the reports from our users on the 3rd of June, we immediately changed access to all our servers and switched our internal processes to 'under attack mode'. In addition, we are working on a security app update to reduce the chances of potential future attacks. We strongly encourage all our users to keep their wallet apps updated to the latest versions.
Giving lame excuses and what's more, encouraging the users to keep using the same closed source wallet.
If they cared so much about the people, they would have announced that they would be moving towards open source, but not to be.
Anyone who will still trust them is responsible for their loss if the same hack happens again.
They made an update to June 3rd Event Statement the other say.
Still says 'not our fault, looking in to it'
https://atomicwallet.io/blog/articles/june-3rd-event-statement
I'm guessing that they hope it just quietly fades away and drops from peoples memories.
-Dave
Still says 'not our fault, looking in to it'
https://atomicwallet.io/blog/articles/june-3rd-event-statement
I'm guessing that they hope it just quietly fades away and drops from peoples memories.
-Dave
They should probably start shutting down they're infrastructure, stop downloads of their software, post warnings in their website. A smart hacker could be collecting a list of wallets they can steal coins from and they're probably preparing the logistics of how they can take all of them in one attack.
Shower thought. It's 2025, Bitcoin is in a bull cycle priced at $100,000 per coin, THEN the Atomic Wallet hacker steals more than $1 Billion in Bitoin in one hour.
¯\_(ツ)_/¯
I'm guessing that they hope it just quietly fades away and drops from peoples memories.
And that's exactly what's going to happen, the people who lost funds aren't getting it back for sure, so the only reason why people probably need answers as to what exactly happened is to mitigate a future occurrence. But again, why would people still be using Atomic wallet or any other closed source wallet after what happened, you'll think that most of them would have moved to well reviewed open source wallets like Electrum, but you'd be surprised at the number of victims there would be if another closed source wallet or centralized exchange is hacked or compromised today. 
They made an update to June 3rd Event Statement the other say.
Still says 'not our fault, looking in to it'
https://atomicwallet.io/blog/articles/june-3rd-event-statement
I'm guessing that they hope it just quietly fades away and drops from peoples memories.
-Dave
Still says 'not our fault, looking in to it'
https://atomicwallet.io/blog/articles/june-3rd-event-statement
I'm guessing that they hope it just quietly fades away and drops from peoples memories.
-Dave
Plus, their users are still being silenced by the company[2]. For anyone still thinking in using this service - don't do it if you care for your assets.
It is disgraceful honestly, they say they are removing the posts because of privacy and security reasons, when did people posting about the money they lost in a hacked wallet and also requesting for updates become a security and privacy risk. Disgraceful behaviour from Atomic Wallet, after this i don't think any update should even be expected from them on this case, i hope people who still use this wallet understands that they are closed source and they are now acting shady. 
After a small hiatus from my side, I remembered to check back on this event for any updates - It didn't come as a surprise but it has been now 3 months after the drainage of millions of users assets and no kind of update has been given to them (other than the one made 06/20[1]) by Atomic Wallet. Plus, their users are still being silenced by the company[2]. For anyone still thinking in using this service - don't do it if you care for your assets.
[1]https://atomicwallet.io/blog/june-3rd-event-statement
[2]https://libreddit.pussthecat.org/user/atomicwallet
[1]https://atomicwallet.io/blog/june-3rd-event-statement
[2]https://libreddit.pussthecat.org/user/atomicwallet
I would treat it the same as a centralized exchange or a service that has already been completely compromised.
I'd actually trust a centralized exchange more than that. At least if you register on some popular, regulated exchange you know that you're sending your coins to some licensed company. Sure, it can go bankrupt or/and hacked, but at least you know it isn't your fault. There is no way to know with certainty you made some mistake here during wallet creation. The software is closed-source; the developers can rip you off, blame it to you, and you could have nothing to say in your defense. The hacked activities were made by their team who is behind on this major issue? (because I'm thinking this way)
We can only speculate, but from what i have read about the hack, many people are suspecting this to be what happened, it was probably an inside job, maybe someone in their team added something malicious to their code, but until Atomic Wallet tells us what happened, we can only speculate, that's why closed source wallets aren't good.Newbies should stay away from this wallet since there are a lot of issues and it's not completely open source.
Newbies should not only stay away from Atomic Wallet, but all closed source wallets, like Trust Wallet, the victims this time is users of Atomic Wallet, but who knows the closed source wallet that is next. 
I would treat it the same as a centralized exchange or a service that has already been completely compromised.
Exactly, I saw a lot of complaints regarding this Atomic wallet the same on this thread which you also commented on those links of hacked issues. What do you think?
The hacked activities were made by their team who is behind on this major issue? (because I'm thinking this way)
Newbies should stay away from this wallet since there are a lot of issues and it's not completely open source.
I was one of those hacked. I always use atomic wallet on a dedicated laptop that is not used for anything else other than a wallet. I couldn't get my EOS to send, so support recommended I download the wallet to another device and I did, to my cell phone on May 31, from the Apple store. I believe that my account was compromised when I entered the seed phrase on my Iphone. What do you think?
Very likely, though not conclusive.This particular issue involved lots of innocent users, and the team behind atomic wallet have not yet given any clear explanation about the exploit.
Just did a quick look around, has there been ANY update anywhere on this?
At this point they are not ever going to be considered secure again, but they seem to have just stopped mentioning it and as far as I can tell so have a lot of the online places that I read
They were never secure in the first place (in regard to not having an open source code) At this point they are not ever going to be considered secure again, but they seem to have just stopped mentioning it and as far as I can tell so have a lot of the online places that I read
Pretty messed up wallet and the team behind it. I would treat it the same as a centralized exchange or a service that has already been completely compromised.
I was one of those hacked. I always use atomic wallet on a dedicated laptop that is not used for anything else other than a wallet. I couldn't get my EOS to send, so support recommended I download the wallet to another device and I did, to my cell phone on May 31, from the Apple store. I believe that my account was compromised when I entered the seed phrase on my Iphone. What do you think?
Sorry for your loss, but downloading the same Atomic Wallet software into another device couldn't have helped to protect you, that is because with the number of Atomic Wallet users who had their wallets compromised, it surely wasn't a local issue, but one that was wrong with the Atomic wallet software.You should have used your seed phrase to import your wallet into a recommended software like Electrum, and send your funds immediately into another wallet with an Electrum seed phrase. It is going to be difficult to know exactly why you were hacked because even Atomic Wallet haven't provided an update on what caused the multiple attacks to their customers. Don't use closed source wallets, use open source wallets like Electrum, Sparrow or BlueWallet, or open source hardware wallets like Passport to store your funds.
... I couldn't get my EOS to send, so support recommended I download the wallet to another device and I did, to my cell phone on May 31, from the Apple store. I believe that my account was compromised when I entered the seed phrase on my Iphone. What do you think?
Did you thoroughly check that you downloaded the correct app from Apple store? While it's rare, sometimes malicious apps can sneak into Apple store, too. Apple store verifications are not without errors and oversights.
How did you enter your wallet recovery words on your iPhone? Carefully typing by hand (assuming the keyboard app is safe) from an analog source or did you use some copy/paste actions from a digital source?
There's a lot that can go wrong if you're not aware of pitfalls and your descriptions lacks quite some details to judge what might have gone wrong. To be clear: I don't want to defend Atomic Wallet in any way. They brushed away valid security concerns of their product from past audit(s) without addressing them properly. I'm not convinced that Atomic Wallet knows what they're doing with their complex product.
...so support recommended I download the wallet to another device and I did, to my cell phone on May 31, from the Apple store. I believe that my account was compromised when I entered the seed phrase on my Iphone. What do you think?
Except your iPhone was compromised there is no way to know if your wallet was breached when you imported it into your mobile device.The time frame between you importing the seedphrase and the wallet hack announcement is very close and since they probably released an update late it is very plausible that their system malfunction caused you to not be able to send you EOS coins out.
I think Atomic being a closed source wallet should not be used, along with other closed source, custodial wallets.
- Jay -
I was one of those hacked. I always use atomic wallet on a dedicated laptop that is not used for anything else other than a wallet. I couldn't get my EOS to send, so support recommended I download the wallet to another device and I did, to my cell phone on May 31, from the Apple store. I believe that my account was compromised when I entered the seed phrase on my Iphone. What do you think?
Just did a quick look around, has there been ANY update anywhere on this?
None that i have heard or seen of, i think the bigger issue here is that Atomic Wallet doesn't know what caused the mass attack of their customers, so i don't think we are looking forward to any update. It is closed source, they don't know what caused the hack, then it can happen again!
Because it's closed source doesn't mean that they do not know what caused the hack, they probably do. It should actually be BECAUSE it's closed source that the community should be more suspicious. The Atomic developers can check the code, but the open source community can't. What could go wrong?
¯\_(ツ)_/¯
For anyone that wants to keep updated regarding Atomic Wallet hack, this[1] twitter account may be useful to follow. They share relevant updates regarding anything to due with the hack which is still enshrouded in a veil of mystery. I have some reasons to believe that Atomic will eventually cease to exist in the next couple of months.
[1]https://nitter.nl/whathappenedwaw
[1]https://nitter.nl/whathappenedwaw
that
We don't know that THEY don't know what happened. All we know is that WE don't know since they have not told us.
We don't know that THEY don't know what happened. All we know is that WE don't know since they have not told us.
They care more about promoting their service than even customer safety, and I wouldn't be surprised if the recent hack was caused by a former employee or an internal attack. I tried to search for words such as atomic wallet, atomic wallet review using some browsers and different IP addresses and I did not find any details about this hack on the first page. even google keywords like atomic wallet hack will get link like Atomic Wallet Claims 'Less Than 0.1%' of Users Affected by $100M Hack
Their reputation is so shot at this point it probably does not matter for people here who pay attention, but since they are still out there someone else is still going to loose their funds 
Our role should be to showing how bad this wallet is as a first result in search engines and convincing ChangeNOW's third-party services to stop supporting them (although ChangeNOW has a long history of suspicious activity)
Just did a quick look around, has there been ANY update anywhere on this?
None that i have heard or seen of, i think the bigger issue here is that Atomic Wallet doesn't know what caused the mass attack of their customers, so i don't think we are looking forward to any update. It is closed source, they don't know what caused the hack, then it can happen again!Just seems odd that all of a sudden, no more discussion. Although, the other side of it is how much more then 'they suck, don't use them' can be said.
They are closed source, so they were not really "safe" even before the hack, and no matter how many times we can say 'don't use them', so many people are still using Atomic Wallet. If after all the recent events regarding the collapse of centralized exchanges and earning platforms, people still use them to store their funds and to earn APY, surely people are still going to use Atomic Wallet to hold their funds after this hack.We don't know that THEY don't know what happened. All we know is that WE don't know since they have not told us.
But the lack up updates, even to the extent of not posting a 'we don't know what went wrong still looking' is just a total lack of customer service / caring.
Their reputation is so shot at this point it probably does not matter for people here who pay attention, but since they are still out there someone else is still going to loose their funds
-Dave
Jump to: