September 12, 2023
6 min read
On Saturday, June 3, 2023, our support team started receiving reports from users claiming unauthorized transactions from their wallets. The whole team was alarmed. We alerted users via our social media channels about a possible attack. Out of precaution we immediately halted all app downloads and updates, reached out to major exchanges and leading blockchain analysis companies and started an investigation. Since June 3rd, all members of the team have worked non-stop without days off, and we can say that no new cases have been confirmed since the initial reports.
Our top priority is to help as many affected users as we can. We've engaged with the leading Crypto Investigators - Chainalysis and Crystal. Our support team collects user reports, processes data and provides information to these companies. They monitor transactions and liaise with exchanges and authorities. As we can see, funds are actively being mixed / laundered via different services and smart contracts. However most of them remain traceable. We will update the community when there are more details on this front, and we ask for your patience.
Wallet app security has always been our top priority. Since day one, we've commenced an investigation with external teams of specialists in cyber security. We invest a lot of time, money and effort into security and verify each wallet update before our users have access to them. The team has researched various potential causes, the most probable of which are virus targeting on local users devices, infrastructure breach, malware code injection, or a man-in-the-middle attack. At the moment, none of the possible issues are confirmed as potentially causing massive breaches, as such types of attacks are very hard to recognize. In light of the reports from our users on the 3rd of June, we immediately changed access to all our servers and switched our internal processes to 'under attack mode'. In addition, we are working on a security app update to reduce the chances of potential future attacks. We strongly encourage all our users to keep their wallet apps updated to the latest versions.
We want to assure you that Atomic Wallet, as a company, does not store or have access to users private keys, thus making the investigation of the root cause more complex. Atomic does not provide any virtual asset services or any financial services, nor does it provide any advisory, mediation, brokerage, or agent services. Atomic is essentially a software application to manage users' crypto on local devices. We don't ask for any personal information, nor do we store user accounts, etc. Atomic doesn't track users addresses, balances and transactions. Atomic, as a company, has no custody; developers have never had access to users' funds. Crypto is stored on the blockchain only, with private keys encrypted on local users' devices. However, anyone who has access to a user's seed phrase may import it to any other similar wallet app and get access to funds. Thus it's impossible to exactly identify atomic users and initial wallet owners.
To summarize, less than 0.1% of Atomic Wallet app users have been affected. No new cases have been reported since June 3rd. None of the possible issues are confirmed as potentially causing massive breaches. Builds are verified by an external security team. Our security infrastructure has been updated, and the investigation is still ongoing.
If you are an affected user, please get in touch at [email protected]. Avoid any impersonators on social media, suspicious accounts, people who offer fund recovery, etc.
One pager, how does Atomic work
Wiki, what is non custodial wallet app
In this guide, we are going to explore the 3 different methods you can use to prepare your crypto taxes, ranging from difficult to almost completely hands-off. Anyone considering not filing at all should reconsider, as tax authorities worldwide are increasingly pledging resources to catching those evading taxes on crypto gains. Mass audit tools are near, and the immutable blockchain means your transactions can be tracked back to your KYC'd exchange with ease.