2M of Suspicious Deposits Frozen on Centralised Exchanges

Written by
Elizabeth Wright
Updated on
October 19, 2023
8 min read

$2M of Suspicious Deposits Frozen on Major Exchanges, Following a Joint Effort from Atomic Wallet, Forensic Companies and Centralised Exchanges.

Tallinn, Estonia — OCTOBER 19, 2023 — In a remarkable display of resilience and unity within the crypto community, Atomic Wallet is pleased to announce the successful freezing of $2 million in digital assets on centralised cryptocurrency exchanges. This achievement was made possible through collaborative efforts and swift actions, exemplifying the power of teamwork in securing the crypto landscape. 

The Path to Freezing:

On Saturday, June 3, 2023, Atomic Wallet’s support team started receiving reports from users claiming unauthorised transactions from their wallets. 

Our security team responded immediately and changed access to all our servers, switched our internal processes to 'under attack mode' and halted all app downloads & updates to minimise any potential impact. Responding with urgency, our security team immediately engaged the expertise of blockchain analysis leaders Chainalysis and Crystal to trace and help freeze suspicious deposits of users who claimed unauthorised access. No new cases have been reported since June 3rd, and less than 0.1% of Atomic Wallet app users have been affected.

Chainalysis and Crystal, renowned for their forensic capabilities and blockchain intelligence, played a crucial role in helping Atomic Wallet identify and contain the threat. Their unwavering support and technical proficiency were instrumental in successfully freezing the assets.

Complexity of Tracing Funds

According to the reports received from Chainalysis and Crystal, the threat actor has used various highly sophisticated methods to bridge the funds to the Bitcoin blockchain, detailed below: 

  1. Funds were bridged to the Bitcoin blockchain
  2. Funds were then sent through a mixer
  3. Most funds have ultimately ended up on the Tron blockchain and Bitcoin network
    ​​The analysis of the threat actor addresses found that the funds were moved in phases in the following way. 

Phase 1 - Bridging funds to the Bitcoin blockchain via one of the following laundering methods

  1. Funds are sent to centralised and instant exchanges. Information made available by some services indicates that the funds were subsequently bridged to the Bitcoin blockchain 

Diagram 1: Ethereum funds were deposited to a centralised exchange and withdrawn as Bitcoin. Source: Chainalysis

  1. Funds are bridged to the Bitcoin blockchain 
  2. Funds are transferred to WETH wrapping contracts and bridged to the Bitcoin blockchain via the Avalanche bridge. 

Phase 2 - Transferring funds to mixers and withdrawing to consolidation addresses on the Bitcoin blockchain

Phase 3 - Funds are bridged to the Tron blockchain via one of the following laundering methods 

  1. Funds are sent to the Avalanche blockchain via the Avalanche bridge before being bridged to the Tron blockchain 
  2. Funds are sent to centralised services or instant exchanges and forwarded to the Tron blockchain.

Diagram 2:  Bitcoin funds are indirectly sent to the Avalanche blockchain via the Avalanche Bridge. The funds are swapped to USDT.e, then USDT before being bridged to the Tron blockchain. Source: Chainalysis

Phase 4 - Funds on the Tron blockchain are deposited into unnamed services

Some funds are mixed on the Tron blockchain after going through consolidation addresses controlled by the threat actor and ultimately sent to high-activity Tron addresses suspected of being over-the-counter traders.

Gratitude to Centralized Exchanges:

Atomic Wallet extends heartfelt gratitude to the centralised cryptocurrency exchanges collaborating promptly to freeze assets linked to reported transactions. Their swift response and cooperation were pivotal in mitigating the impact of the incident that happened to some users.

Community Strength and Swift Action:

This asset-freezing operation is a testament to the strength of the cryptocurrency community and the importance of rapid response in times of crisis. Atomic Wallet profoundly appreciates the support and vigilance of the global crypto community during this challenging period.

“This was not a straightforward case as there was a lot of activity from the threat actor to hide the movement of funds. However, we were pleased that Crystal was able to respond rapidly to label wallets and map the flow. As the threat actor chose to siphon the funds through centralised exchanges that Crystal identified, large sums could be frozen,” said Marina Khaustova, CEO of Crystal Blockchain. “This case shows how crucial it is to have a rapid response and how real-time data plus expert investigators can stop threat actors in their tracks.”

Securing the Digital Frontier:

The freezing of $2 million in assets on centralised exchanges underscores the importance of collaboration with forensic companies and exchanges. We remain dedicated to providing a reliable and seamless experience for our worldwide user base.

“Atomic Wallet has advocated for decentralisation since its inception, and sharing our findings with the blockchain community, which has been proactively offering its support, will help create a safer web3 space and drive mass crypto adoption. We will continue to invest in security measures and maintain the highest security standards in the industry.” - Konstantin Gladych, CEO, Atomic Wallet

Enhanced Security Measures: Atomic Wallet has released several security updates and implemented several enhancements to our security & monitoring infrastructure.

Collaboration with Authorities: Atomic Wallet has cooperated fully with relevant law enforcement agencies during the investigation and will continue to do so to bring the responsible parties to justice. 

Current Status: Atomic Wallet is cooperating with law enforcement agencies in ongoing investigations related to this matter. Due to these ongoing investigations, we can only share some of our findings with the public. 

For more information about this successful asset-freezing operation, please contact [email protected]

About Atomic Wallet

Atomic Wallet is a leading decentralised cryptocurrency wallet with over 5,000,000 users worldwide.

Since 2018, Atomic Wallet has continuously adapted to meet the diverse needs of our growing user base and evolved from a simple wallet solution with 10 crypto assets to a robust, user-friendly platform allowing users to store, stake and swap crypto, thus becoming the go-to choice for crypto enthusiasts worldwide to store & manage their crypto assets.

We continuously enhance our platform and release regular updates to incorporate the latest Web3 capabilities, add new tokens and enhance the wallet’s security.

Subscribe to our newsletter
Sign up to receive the latest news and updates about your wallet.
Related Posts