- Atomic Wallet has been compromised with a still unclear vulnerability.
- Around $35M in tokens has been stolen and taken away to drainer addresses.
- So far, no NFT or game reports have been linked to Atomic Wallet and the recent exploit.
Atomic Wallet lost $35M in client funds based on the latest reports, becoming one of the largest direct attacks against crypto wallets. Atomic is a hot wallet connected to the Internet at all times, and about 1% of the accounts have been compromised. A similar attack happened against the Vulcan Forged wallet, which only affected users partially.
The attack against Atomic Wallet underscores the problem of reliability when it comes to Web3 adoption. Games and NFT collections are constantly battling attacks, including wallet drainers and malicious smart contracts, as well as wallets that are compromised from the beginning. The exact nature of the hack is still unknown, and has been investigated over the weekend.
Anonymous researchers have created a map of the addresses involved in the hack. The missing tokens have been handled by drainer addresses and gas-provider addresses, only active in the past 30 hours.
No NFT have been reported so far. The Atomic Wallet hack is also independent of any action taken by the user. The hack is separate from the recent series of wallet drainer links, which attack through a fake airdrop or giveaway.
Is Atomic Wallet Safe for Tokens and NFT?
Some of the potential attacks include a backdoor, compromised private keys, or stealing keys through the wallet’s Internet connection. Atomic Wallet is a relatively older tool, used for storing coins and for trading. But the wallet can also hold NFT and is part of the Web3 ecosystem. For now, only token withdrawals have been reported, with unconfirmed claims of recovery.
Former security analysis of Atomic Wallet has shown flaws at the cryptography level. Atomic Wallet uses Electrum wallet, one of the common open-source tools for blockchain access. But Electrum wallet has shown inherent vulnerabilities and compromised versions for other blockchain projects.
Atomic Wallet has been closed source, and for now reviewers cannot pinpoint the reason for the hack. The wallet advertised its app as a Web3 tool, although it is more rarely used in games, and more often for classic crypto trades and swaps.
