Yesterday, Atomic Wallet shared with its Twitter followers the latest update on the June 3 hack. The update was first published as an official "June 3rd Event Statement" on the company’s website on June 20. The report long awaited by numerous victims of the exploit, many of whom lost their entire life savings, has not satisfied the need for answers.
The team behind the non-custodial wallet has provided some information about the measures it took to stop the proliferation of the attack when it started receiving reports of the hack, such as "immediately halting all apps and updates" and "reaching out to major exchanges and leading blockchain analysis companies to start an investigation."
Read also: Phishing scammers ready to exploit Atomic Wallet hack victims
According to Atomic Wallet, at press time, the team was heavily engaged in the analysis of users’ reports and tracking transactions of the stolen money. Atomic Wallet claims that a great portion of the loot has been processed with cryptocurrency mixers, but the team has still managed to track many transactions and plans to move to the next step to "work on a legal framework for seizing frozen deposits and distributing them among affected users." According to the report, the companies assisting Atomic Wallet in the investigation are Crystal and Chainalysis.
Although users of the wallet have been eagerly waiting for any information about the hack, many of them are quite disappointed with the update and even find it suspicious.
The first point that many Twitter users have mentioned is the fact that the team keeps repeating that "less than 0.1% of Atomic Wallet app users have been affected." For these crypto owners, it seems impossible that such a small group of users lost such a large amount of money. Shortly after the event, prominent on-chain detective ZachXBT reported that the loot was more than $35 million, while there are also more recent opinions that the total loss reached $100 million. Meanwhile, Atomic Wallet itself refuses to give even approximate figures.
In addition, Twitter users find it unusual that Atomic Wallet cites four different types of attacks as the most likely causes of the exploit, such as malware code injection, an infrastructure breach, a man-in-the-middle attack, and a virus that compromises users’ local devices. At the same time, the company has suggested that users themselves could be responsible for the attack.
Read also: Brave users can now sell crypto for fiat within the wallet
"Atomic is essentially a software application to manage users' crypto on local devices. We don't ask for any personal information, nor do we store user accounts, etc. Atomic, as a company, has no custody; developers have never had access to users' funds," the report states, adding, "Crypto is stored on the blockchain only, with private keys encrypted on local users' devices. However, anyone who has access to a user's seed phrase may import it to any other similar wallet app and get access to funds."
However, since Atomic Wallet also claims to have made security updates to its infrastructure, users believe there may have been a problem on the company’s side after all.
Some users have also found the company’s claims about its recent audits questionable, as Atomic Wallet has not published the names of the auditors or the audit statements.
Read also: Atomic Wallet blocks a portion of stolen funds on crypto exchanges
Overall, Atomic Wallet's actions have disappointed many app users, who believe that the company does not want to take responsibility for possible vulnerabilities in its system that may have led to the exploit. They also believe that the company should refund the lost money, especially since it claims that the number of affected users is so small.
Among the Twitter users questioning the value of this report are not only regular wallet users, but also industry professionals, including Ouriel Ohayon, the CEO of ZenGo wallet, and Yevhenii Bezuhlyi, a former head of smart contract audit at cybersecurity firm Hacken.
Meanwhile, many wallet users have lost hope of getting their money back and are asking for help from ZachXBT, who has been recently sued by NFT investor Machi Big Brother.