Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
On June 3, multiple Atomic Wallet users posted on social media that their wallet assets had been stolen. Atomic says less than 1% of monthly active users are currently affected/reported. According to SlowMist, Atomic Wallet took its Cloudflare download site and its sha256sum verification site offline in an emergency. From this, it is speculated that there may be a security problem in the process of downloading historical versions. The incident is reportedly suspected to be related to the North Korean hacker group Lazarus Group. Attack method (per SlowMist): Unknown. Reported loss: $100,000,000.
- chain: —
- protocol: Atomic
- bug_class: unknown
- date_occurred: 2023-06-03
- loss_usd: $100,000,000
- source_id: sm:atomic::2023-06-03