Atomic Wallet Hack
Summary
In June 2023, Atomic Wallet — an Estonian non-custodial cryptocurrency wallet with approximately five million users — suffered a major security breach in which attackers drained funds from an estimated 5,500 user wallets. Blockchain analytics firms Elliptic and on-chain investigators attributed the attack to North Korea's Lazarus Group with high confidence, and the FBI later confirmed this attribution. The total loss figure is disputed, with Elliptic placing it above $100 million and independent researcher Taylor Monahan estimating a minimum of $115 million; the underlying attack vector was never publicly confirmed by Atomic Wallet.
Connected Entities
1 entities · 10 linked investigations- + 1 more
Timeline(12 events)
2021-04-01
Least Authority delivers audit report to Atomic Wallet identifying critical vulnerabilities and recommending against deployment until resolved.
CoinDesk / Least Authority disclosure2021-11-01
Atomic Wallet submits remediation commits; Least Authority finds a significant number of issues still unresolved.
CoinDesk / Least Authority disclosure2022-02-10
Least Authority publicly discloses security concerns after further remediation attempts fail; strongly recommends against use of Atomic Wallet.
CoinDesk2022-04-01
U.S. Treasury OFAC sanctions Garantex, the Russia-based exchange later used to launder Atomic Wallet hack proceeds.
U.S. Treasury2023-06-02
Attackers begin draining funds from Atomic Wallet user accounts across multiple blockchains.
FBI / Elliptic2023-06-03
Atomic Wallet publicly acknowledges reports of compromised wallets; states fewer than 1% (later revised to 0.1%) of users were affected; halts app downloads.
Atomic Wallet Official Statement2023-06-06
Elliptic attributes the breach to North Korea's Lazarus Group with high confidence, citing laundering methodology, use of Sinbad mixer, and fund co-mingling with prior Lazarus proceeds.
Elliptic2023-06-13
Elliptic revises total loss estimate upward to over $100 million affecting more than 5,000 wallets; reports stolen funds routed through OFAC-sanctioned Garantex.
Elliptic / CoinDesk2023-06-13
Elliptic reports hackers moved stolen funds through OFAC-sanctioned Russian exchange Garantex before routing to Sinbad.io mixer.
CoinDesk2023-07-11
Independent researcher Taylor Monahan publicly states losses are a minimum of $115 million, exceeding the $100 million figure cited in legal filings, based on her own on-chain analysis.
DL News2023-07-01
Class action lawsuit (Meany et al. v. Atomic Wallet et al., Case No. 1:23-cv-01582) filed in U.S. District Court for the District of Colorado against Atomic Protocol Systems OU, Evercode Infinite, and individual founders Gladych and Sokolov.
ClassAction.org / CourtListener2024-09-10
U.S. District Judge Philip Brimmer dismisses the class action for lack of personal jurisdiction; denies plaintiffs' request to amend complaint.
Brown Rudnick / Inside Class ActionsDecision Log
- hash: DfkQ3qN9BXLJaBmasPtFgNEix7EjJePBQsAuiaREPVwj
This investigation is cryptographically anchored to the Solana blockchain and source URLs are archived via the Internet Archive.
model: claude-code-investigator
generated: 5/31/2026, 5:49:08 PM
last updated: 5/31/2026, 5:49:13 PM
avoid.net — verified advice for a post-truth world