Atomic Wallet has suffered a serious security breach which has allowed hackers to steal user funds[1]. It is not only on Windows, but also MacOS (Linux I'm not sure. You should not assume your funds are
safe.)
Huge apologies, I meant to write unsafe but somehow the autocorrect changed it to "safe" which is completely false.The so-called non-custodial wallet must have been sending your wallet info to their servers, that's the only way the hackers could've got to it.
Steps to perform right now:
- Please note the assets that are in your wallet and their derivation paths[2] (if you must type in your password to do this, do it while you are disconnected from the internet. Do not reconnect until Atomic is completely uninstalled.)
- Uninstall Atomic Wallet immediately.
- Sweep your funds to a Bitcoin wallet, your ETH funds to an Ethereum wallet, your XMR funds to a moneto wallet, etc
from inside the wallet software - Do not make any transactions from Atomic Wallet. If you need to transfer obscure tokens, swap them on a centralized exchange for a decentralized asset such as Bitcoin or ETH.
[1]:
https://www.cryptopolitan.com/atomic-wallet-users-report-losses-as-platform-falls-victim-to-hack/[2]:
https://support.atomicwallet.io/article/146-list-of-derivation-paths This is most likely a data breach, but a really nasty reveal of how these "self-custodial wallets" aren't so "self-custodial" at all. utterly disappointing.
The so-called non-custodial wallet must have been sending your wallet info to their servers, that's the only way the hackers could've got to it.
People are complaining that their coins got vanished out of the blue. How can someone steal the funds without the seed phrase ?
It's really shocking to see a non-custodial wallet get hacked like this. This shows our coins aren't safe anywhere.
While the investigation is still on, it makes me wonder if all the non-custodial wallets are risky. Any of these wallets can suffer the same fate.
Someone got a hold of sensitive data from the Atomic Wallet's servers, supposedly from a security flaw within the piles of codes that atomic has made. They abused such flaw and then from there, the hacking of wallets begun. Picture it this way, you're renting an apartment (atomic wallet user) from your kind landlord (Atomic Wallet itself), you have your key and all that to protect you from thieves, but at the same time your landlord requires a copy of every key you would have for your apartment as well, until such a day came around when your landlord's main abode got broken into from a security flaw, and then from there the pandemonium begins as the thieves got a hold of every key in their property, stealing everything they could from every room.
That's basically how it went down.