Atomic Wallet, Lazarus behind $35 million hack

Users of Atomic Wallet recently suffered an unexpected loss of funds, as we reported on Coinpri. Elliptic, a company specializing in the detection of fraudulent cryptocurrency activity, has now revealed that the notorious North Korean hacker group Lazarus is believed to be behind the attack.

Lazarus, the hackers behind the theft of $35 million from Atomic Wallet

This weekend, Atomic Wallet was the victim of a devastating attack that resulted in a loss of over 35 million dollars for its users. Wallets were suddenly empty, plunging users into total distress. The latest revelations by Elliptic point the finger at the famous North Korean hacker group Lazarus, known for its numerous computer attacks.

Indeed, an in-depth investigation by Elliptic reveals that the stolen funds were channeled to Sinbad, a cryptocurrency blender successor to, already sanctioned in the past. The use of Sinbad by the Lazarus group is not surprising, since it has been reported that this hacker group now favors it.

What’s more, strong links have been established between the wallets containing the stolen cryptos and previous attacks attributed to Lazarus, confirming their involvement in this case. The modus operandi leaves no doubt as to the involvement of the Lazarus group.

According to ZachXBT, a blockchain investigator mentioned by Elliptic, the amount stolen by this group of hackers is estimated at around $35 million, including various cryptocurrencies such as bitcoin (BTC), ether (ETH), tether (USDT), dogecoin (DOGE), litecoin (LTC), BNB coin (BNB), polygon (MATIC) and Tron-based USDT.

Atomic Wallet, a frequent target for hackers?

It’s no surprise that Atomic Wallet is vulnerable to attack, since security auditing firm Least Authority had already reported potential vulnerabilities within their system the previous year.  

The vulnerabilities identified within Atomic Wallet included:

  • Problems with cryptographic implementation.
  • Non-compliance with wallet design best practices.
  • Insufficient project documentation.
  • Incorrect use of the Electron framework for creating desktop applications.

However, the Atomic Wallet team responded proactively by working closely with affected users and companies specializing in blockchain analysis, such as Chainalysis, Crystal and Elliptic, to trace the stolen funds. Thanks to the cooperation of these players, some of the funds have already been recovered and blocked.

Atomic Wallet CEO Konstantin Gladych emphasized that the attack was carried out by a team of professional hackers who used scripts, divided the funds and used mixers.

Despite the initial vulnerabilities, the Atomic Wallet team has taken concrete steps to respond to the situation, working with experts in the field. These efforts are essential to restore user confidence and reinforce the security of the platform. Alas, it won’t give some victims their money back… Don’t forget to always diversify where you store your funds. It’s better to have several full wallets than one empty one.