The Atomic Wallet hack resulted in the theft of nearly $35 million in crypto assets, which have been traced to a coin mixer, Sinbad.io. The North Korean Lazarus Group is suspected of using the mixer to launder the stolen funds for Bitcoin. Elliptic reports that the Lazarus Group has laundered over $100 million in proceeds through Sinbad.io, which is believed to be a re-branded version of Blender.io, a mixer previously sanctioned by the US Department of the Treasury. Atomic Wallet has conducted security investigations and is tracking fund movements, but Elliptic suggests the wallet service provider is unlikely to prevent attackers from exchanging funds.
Atomic Wallet has claimed that less than 1% of monthly active users were affected by the hack, but some users have reported the loss of tokens and transaction data, while others have lost their entire crypto portfolios. Atomic Wallet uses a cold wallet system where passwords and data are stored on the user’s device to reduce risks associated with centralized services. However, the hack shows the intricacies of security vulnerabilities. The company is working with exchanges and analytics firms to trace and block funds, but it is unclear whether law enforcement is involved or what compensation plans will be offered.