Audit log

Every state-changing event for Atomic Wallet Hack: moderation decisions on community submissions, plus corrections and updates from the news pipeline. URL-based decisions carry three independent witnesses — the original source, an Internet Archive snapshot taken at submission time, and a Solana memo signed by our publicly-disclosed publisher key.

1. #1publishby system:backfill

   2026-05-31 17:49:13Z
   Score: ? → ? (no score change)
   anchoranchored

   chain

   ●mainnet-betaslot 423,422,830

   sig

   5TXuic2tHbue…wg1fArWDcopyexplorer ↗

   hash

   DfkQ3qN9BXLJ…iaREPVwjcopysha256 → base58

   verifying row…full verify ↗

   canonical bytes (27639 B) ▸

   {"actor":"system:backfill","investigation_id":"a746da55-5f10-4d44-931c-b05b2931a804","kind":"publish","page_slug":"atomic-wallet-hack","published_at":"2026-05-31T17:49:13.049Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Atomic Wallet Hack","sections":[{"content":"Atomic Wallet is a non-custodial, closed-source cryptocurrency wallet founded in 2017 by Konstantin Gladych and headquartered in Tallinn, Estonia. The company operated as Atomic Protocol Systems OU, with Evercode Infinite acting as the software developer. By 2022, the platform claimed more than five million registered users across desktop and mobile platforms. In early 2021, Atomic Wallet engaged crypto security firm Least Authority to audit its system design and codebase. The April 2021 audit concluded that existing vulnerabilities exposed users to a range of attacks that 'may lead to the total loss of user funds,' citing improper cryptography implementation, misuse of the Electron framework, outdated dependencies, and inadequate documentation. In November 2021, Atomic Wallet submitted remediation commits, which Least Authority reviewed and found still left a significant number of issues unresolved. In February 2022, Least Authority publicly disclosed these concerns after further attempts to work with Atomic Wallet were unsuccessful, and explicitly 'strongly recommend[ed] against the Atomic Wallet's deployment and use' pending resolution. CEO Konstantin Gladych publicly disputed the severity of the findings and cited a separate DerSecur audit that awarded the wallet a security score of 4.7, above market average. The application's closed-source nature further prevented independent community review of its codebase.","heading":"Background: Atomic Wallet and Its Security History","severity":"high","sources":[{"credibility":2,"name":"Least Authority Discloses Security Risks in Atomic Wallet — CoinDesk","type":"news_article","url":"https://www.coindesk.com/tech/2022/02/10/least-authority-discloses-security-risks-in-atomic-wallet"},{"credibility":2,"name":"Security firm forced to publicly disclose issues with Atomic Wallet after they go unaddressed for months — Web3isGoingGreat","type":"community_report","url":"https://www.web3isgoinggreat.com/?id=2022-02-10-0"},{"credibility":2,"name":"Your security posture sucks: Atomic Wallet slammed after hacker swipes $35m — DL News","type":"news_article","url":"https://www.dlnews.com/articles/defi/atomic-wallet-slammed-for-closed-code-amid-35m-dollar-hack/"}]},{"content":"On or about June 2–3, 2023, unknown attackers began draining funds from Atomic Wallet user accounts. Atomic Wallet first acknowledged reports of compromised wallets in a public post on June 3. The company's initial statement characterized the scope as affecting 'less than 1%' of users, later revised in its formal June 3rd Event Statement to 'less than 0.1% of Atomic Wallet app users.' The company confirmed no new cases were reported after June 3. As an immediate response, Atomic Wallet halted app downloads and updates, notified users via social media, engaged blockchain analytics firms Chainalysis and Crystal, and changed server access protocols. Stolen assets spanned multiple blockchains including Bitcoin, Ethereum, TRON (with Tron-based USDT reported as the largest single category), XRP, Dogecoin, Litecoin, and BNB. Attackers routed funds to freshly created addresses before initiating laundering operations. Atomic Wallet publicly stated it does not store or have access to users' private keys, complicating both user recourse and internal root cause analysis.","heading":"The June 2023 Breach","severity":"critical","sources":[{"credibility":2,"name":"June 3rd Event Statement — Atomic Wallet (Official)","type":"official","url":"https://atomicwallet.io/blog/articles/june-3rd-event-statement"},{"credibility":2,"name":"Atomic Wallet Hack: Overview And Ongoing Investigation — Hacken","type":"research","url":"https://hacken.io/discover/atomic-wallet-hack/"},{"credibility":2,"name":"Atomic Wallet Users Lose $35 Million Worth of Crypto Assets in Weekend Hack — Bitdefender","type":"news_article","url":"https://www.bitdefender.com/en-us/blog/hotforsecurity/atomic-wallet-users-lose-35-million-worth-of-crypto-assets-in-weekend-hack"}]},{"content":"Initial blockchain analysis placed the loss at approximately $35 million. By June 13–14, 2023, Elliptic's Investigations Team had traced over 5,000 compromised wallets and revised the total loss estimate to above $100 million, with at least ten addresses losing more than $1 million each and 164 addresses losing more than $100,000. The median per-user loss was approximately $2,800. Independent security researcher Taylor Monahan, founder of MyEtherWallet, conducted her own analysis and publicly stated on July 11, 2023 that 'the minimum amount stolen' was $115 million, noting this figure covered only confirmed thefts on a limited number of chains. The class action complaint filed in Colorado cited the $100 million figure. The exact total remains unreconciled across sources, with estimates ranging from $100 million to at least $115 million depending on methodology and chain coverage.","heading":"Disputed Loss Figures","severity":"high","sources":[{"credibility":2,"name":"North Korea-linked Atomic Wallet heist tops $100 million — Elliptic","type":"research","url":"https://www.elliptic.co/blog/analysis/north-korea-linked-atomic-wallet-heist-tops-100-million"},{"credibility":2,"name":"North Korean Hackers Pocketed More Than $100M in Atomic Wallet Hack — Decrypt","type":"news_article","url":"https://decrypt.co/144444/north-korean-hackers-pocket-over-100-m-in-atomic-wallet-heist"},{"credibility":2,"name":"Atomic Wallet faces $100m lawsuit following North Korean hack — DL News","type":"news_article","url":"https://www.dlnews.com/articles/defi/atomic-wallet-faces-lawsuit-following-north-korean-hack/"}]},{"content":"Blockchain analytics firm Elliptic formally attributed the Atomic Wallet breach to North Korea's Lazarus Group on June 6, 2023, stating a 'high level of confidence' based on three factors: the laundering methodology exactly matched steps employed in prior Lazarus Group hacks; stolen assets were routed through the Sinbad.io mixer, which had been used previously to launder Lazarus Group proceeds; and some stolen funds were co-mingled in wallets already holding proceeds from past Lazarus operations. The FBI later confirmed the attribution, identifying the Atomic Wallet exploit as the first in a series of DPRK-linked hacks in summer 2023 — followed by the Alphapo and CoinsPaid incidents in July 2023. The FBI placed the Atomic Wallet theft as part of a broader pattern in which DPRK cyber actors stole more than $200 million across multiple events in 2023 alone. Lazarus Group, also referenced as APT38 and TraderTraitor in U.S. government communications, had been previously linked to over $2 billion in total cryptocurrency thefts. This marked the group's first major attributed theft since the $100 million Horizon Bridge exploit in June 2022.","heading":"Attribution to North Korea's Lazarus Group","severity":"critical","sources":[{"credibility":2,"name":"North Korea's Lazarus Group likely responsible for $35 million Atomic crypto theft — Elliptic","type":"research","url":"https://www.elliptic.co/blog/analysis/north-korea-s-lazarus-group-likely-responsible-for-35-million-atomic-crypto-theft"},{"credibility":1,"name":"FBI Identifies Cryptocurrency Funds Stolen by DPRK — FBI.gov","type":"regulatory","url":"https://www.fbi.gov/news/press-releases/fbi-identifies-cryptocurrency-funds-stolen-by-dprk"},{"credibility":2,"name":"Inside North Korea's Crypto Heists: $200M in Crypto Stolen in 2023 — TRM Labs","type":"research","url":"https://www.trmlabs.com/resources/blog/inside-north-koreas-crypto-heists"},{"credibility":2,"name":"Atomic Wallet Was Breached by North Korean Hackers: Elliptic — CoinDesk","type":"news_article","url":"https://www.coindesk.com/consensus-magazine/2023/06/06/atomic-wallet-was-breached-by-north-korean-hackers-elliptic"}]},{"content":"After the initial theft, attackers laundered stolen assets through a multi-step process traced by Elliptic. Funds were first swapped using the decentralized exchange aggregator 1inch into USDT, then routed through Garantex — a Russia-based cryptocurrency exchange sanctioned by the U.S. Treasury's Office of Foreign Assets Control (OFAC) in April 2022 for laundering ransomware and darknet market proceeds. From Garantex, funds were converted into Bitcoin and moved to the Sinbad.io mixer. Sinbad had been previously used to launder proceeds from prior Lazarus Group hacks; it is considered by some researchers to be a successor to the Blender.io mixer, which OFAC had separately designated for providing mixing services to the Lazarus Group. Elliptic's collaborative tracing efforts with international exchanges resulted in the freezing of approximately $1 million in stolen assets — a small fraction of the total. Garantex was noted to have continued operating at the time despite OFAC sanctions.","heading":"Money Laundering via Garantex and Sinbad","severity":"high","sources":[{"credibility":2,"name":"Atomic Wallet Hackers Move Stolen Funds via OFAC-Sanctioned Exchange Garantex: Elliptic — CoinDesk","type":"news_article","url":"https://www.coindesk.com/tech/2023/06/13/atomic-wallet-hackers-move-stolen-funds-via-ofac-sanctioned-exchange-garantex-elliptic"},{"credibility":2,"name":"Atomic Wallet hackers turn to OFAC-sanctioned Garantex: Elliptic — CoinTelegraph","type":"news_article","url":"https://cointelegraph.com/news/atomic-wallet-hackers-ofac-sanctioned-garantex-elliptic"},{"credibility":1,"name":"Treasury Sanctions Mixer Used by the DPRK — U.S. Treasury","type":"regulatory","url":"https://home.treasury.gov/news/press-releases/jy1933"}]},{"content":"As of the time of reporting, no definitive root cause for the Atomic Wallet hack has been publicly established. Atomic Wallet's June 3rd Event Statement listed four 'most probable' candidate vectors — virus targeting on local user devices, infrastructure breach, malware code injection, or a man-in-the-middle attack — without confirming any. A company spokesperson was quoted as being 'not able to confirm what exactly caused the issue.' Security analysts suggested additional hypotheses: insufficient entropy in private key generation; fault attacks on key-related algorithms; unintentional or intentional transmission of private keys to a centralized server; and exploitation of an outdated and vulnerable dependency in the Android version of the application. Some researchers described a supply chain attack as the most probable scenario, positing that a malicious SDK may have been inadvertently introduced during development. Atomic Wallet's closed-source codebase precluded independent community audit of the application. Critics noted that the company never identified the 'external auditors' mentioned in its post-incident update, and formal questions from researchers and journalists about the root cause went unanswered.","heading":"Unresolved Attack Vector","severity":"high","sources":[{"credibility":2,"name":"June 3rd Event Statement — Atomic Wallet (Official)","type":"official","url":"https://atomicwallet.io/blog/articles/june-3rd-event-statement"},{"credibility":2,"name":"Atomic Wallet gives major update on hack but questions remain unanswered — CoinTelegraph","type":"news_article","url":"https://cointelegraph.com/news/atomic-wallet-hack-statement-exploit-unanswered-questions"},{"credibility":2,"name":"Atomic Wallet $35 Million Hack: Detailed Analysis — ImmuneBytes","type":"research","url":"https://immunebytes.com/blog/atomic-wallet-35-million-hack-detailed-analysis/"},{"credibility":2,"name":"Why is Atomic Wallet not open source? — Atomic Wallet Support","type":"official","url":"https://support.atomicwallet.io/article/184-why-is-atomic-wallet-not-open-source"}]},{"content":"In June 2023, plaintiffs Robert Meany and Graham Dickinson filed a class action lawsuit in the U.S. District Court for the District of Colorado against Atomic Protocol Systems OU, Evercode Infinite, and individual founders Konstantin Gladych and Pavel Sokolov (Case No. 1:23-cv-01582). The complaint alleged negligence, gross negligence, fraudulent misrepresentation, fraudulent concealment, and civil conspiracy, asserting that Atomic Wallet knew of critical security vulnerabilities — specifically those identified by Least Authority in 2021 and publicly disclosed in February 2022 — and failed to remediate them. Plaintiffs claimed defendants had failed to safeguard user funds, protect passwords, and secure the application against attacks. On September 10, 2024, U.S. District Judge Philip Brimmer granted defendants' motions to dismiss for lack of personal jurisdiction, finding that Atomic Wallet's contacts with Colorado were insufficient to establish purposeful availment. The court held that social media marketing reaching Colorado users and software availability for download did not meet the jurisdictional threshold. In an unusual step, Judge Brimmer also denied plaintiffs' request to amend the complaint. Defendants were represented by Brown Rudnick LLP. As of the time of writing, no subsequent litigation had been publicly reported in a U.S. court.","heading":"Litigation: Meany et al. v. Atomic Wallet","severity":"high","sources":[{"credibility":1,"name":"Meany et al. v. Atomic Wallet et al. — ClassAction.org (complaint PDF)","type":"court_filing","url":"https://www.classaction.org/media/meany-et-al-v-atomic-wallet-et-al.pdf"},{"credibility":2,"name":"Brown Rudnick Wins Dismissal of Class Action Suit Against Atomic Wallet Over $100M Hack — Brown Rudnick","type":"other","url":"https://brownrudnick.com/client_news/brown-rudnick-wins-dismissal-of-class-action-suit-against-atomic-wallet-over-100m-hack/"},{"credibility":2,"name":"Court Applies Established Personal Jurisdiction Principles to Dismiss Crypto Wallet Companies — Inside Class Actions","type":"news_article","url":"https://www.insideclassactions.com/2024/10/08/a-closer-look-court-applies-established-personal-jurisdiction-principles-to-dismiss-crypto-wallet-companies-in-class-action-filed-after-100-million-north-korean-crypto-hack/"},{"credibility":2,"name":"Colorado Federal Court Grants Motions to Dismiss — Consumer Financial Services Law Monitor","type":"news_article","url":"https://www.consumerfinancialserviceslawmonitor.com/2024/09/colorado-federal-court-grants-motions-to-dismiss-in-cryptocurrency-theft-case-citing-lack-of-personal-jurisdiction/"},{"credibility":1,"name":"Meany v. Atomic Protocol Systems OU — CourtListener Docket","type":"court_filing","url":"https://www.courtlistener.com/docket/67520833/meany-v-atomic-wallet/"},{"credibility":2,"name":"Class Action Filed Over 2023 Atomic Wallet Data Breach — ClassAction.org","type":"news_article","url":"https://www.classaction.org/news/class-action-filed-over-2023-atomic-wallet-data-breach-in-which-100m-in-crypto-assets-was-stolen"}]},{"content":"U.S. government and private researchers have placed the Atomic Wallet breach within a broader DPRK-attributed campaign. The FBI identified the Atomic Wallet theft as the first in a sequence that included the Alphapo ($60 million) and CoinsPaid exploits in July 2023, attributing all three to DPRK cyber actors. Across 2023, DPRK-linked actors were estimated to have stolen more than $200 million. Over a five-year period preceding 2023, the Lazarus Group was associated with over $2 billion in total cryptocurrency thefts. The Lazarus Group has also been attributed to attacks including the Ronin Bridge ($625 million, 2022) and the Harmony Horizon Bridge ($100 million, 2022). Chainalysis noted a declining trend in total crypto hacking proceeds in 2023 compared to 2022 despite several high-profile incidents.","heading":"Broader DPRK Cryptocurrency Theft Campaign","severity":"medium","sources":[{"credibility":1,"name":"FBI Identifies Cryptocurrency Funds Stolen by DPRK — FBI.gov","type":"regulatory","url":"https://www.fbi.gov/news/press-releases/fbi-identifies-cryptocurrency-funds-stolen-by-dprk"},{"credibility":2,"name":"Inside Lazarus Group: Analyzing North Korea's Most Infamous Crypto Hacks — Hacken","type":"research","url":"https://hacken.io/discover/lazarus-group/"},{"credibility":2,"name":"How the Lazarus Group is stepping up crypto hacks — Elliptic","type":"research","url":"https://www.elliptic.co/blog/how-the-lazarus-group-is-stepping-up-crypto-hacks-and-changing-its-tactics"},{"credibility":2,"name":"Stolen Crypto Falls in 2023 but Hacking Remains a Threat — Chainalysis","type":"research","url":"https://www.chainalysis.com/blog/crypto-hacking-stolen-funds-2024/"}]}],"sources_used":[{"credibility":2,"name":"June 3rd Event Statement — Atomic Wallet (Official)","type":"official","url":"https://atomicwallet.io/blog/articles/june-3rd-event-statement"},{"credibility":2,"name":"North Korea's Lazarus Group likely responsible for $35 million Atomic crypto theft — Elliptic","type":"research","url":"https://www.elliptic.co/blog/analysis/north-korea-s-lazarus-group-likely-responsible-for-35-million-atomic-crypto-theft"},{"credibility":2,"name":"North Korea-linked Atomic Wallet heist tops $100 million — Elliptic","type":"research","url":"https://www.elliptic.co/blog/analysis/north-korea-linked-atomic-wallet-heist-tops-100-million"},{"credibility":1,"name":"FBI Identifies Cryptocurrency Funds Stolen by DPRK — FBI.gov","type":"regulatory","url":"https://www.fbi.gov/news/press-releases/fbi-identifies-cryptocurrency-funds-stolen-by-dprk"},{"credibility":2,"name":"Least Authority Discloses Security Risks in Atomic Wallet — CoinDesk","type":"news_article","url":"https://www.coindesk.com/tech/2022/02/10/least-authority-discloses-security-risks-in-atomic-wallet"},{"credibility":2,"name":"Atomic Wallet Was Breached by North Korean Hackers: Elliptic — CoinDesk","type":"news_article","url":"https://www.coindesk.com/consensus-magazine/2023/06/06/atomic-wallet-was-breached-by-north-korean-hackers-elliptic"},{"credibility":2,"name":"Atomic Wallet Hackers Move Stolen Funds via OFAC-Sanctioned Exchange Garantex: Elliptic — CoinDesk","type":"news_article","url":"https://www.coindesk.com/tech/2023/06/13/atomic-wallet-hackers-move-stolen-funds-via-ofac-sanctioned-exchange-garantex-elliptic"},{"credibility":2,"name":"North Korean Hackers Pocketed More Than $100M in Atomic Wallet Hack — Decrypt","type":"news_article","url":"https://decrypt.co/144444/north-korean-hackers-pocket-over-100-m-in-atomic-wallet-heist"},{"credibility":2,"name":"Atomic Wallet faces $100m lawsuit following North Korean hack — DL News","type":"news_article","url":"https://www.dlnews.com/articles/defi/atomic-wallet-faces-lawsuit-following-north-korean-hack/"},{"credibility":2,"name":"Your security posture sucks: Atomic Wallet slammed after hacker swipes $35m — DL News","type":"news_article","url":"https://www.dlnews.com/articles/defi/atomic-wallet-slammed-for-closed-code-amid-35m-dollar-hack/"},{"credibility":1,"name":"Meany et al. v. Atomic Wallet et al. (1:23-cv-01582) — Complaint PDF","type":"court_filing","url":"https://www.classaction.org/media/meany-et-al-v-atomic-wallet-et-al.pdf"},{"credibility":1,"name":"Meany v. Atomic Protocol Systems OU — CourtListener Docket","type":"court_filing","url":"https://www.courtlistener.com/docket/67520833/meany-v-atomic-wallet/"},{"credibility":2,"name":"Brown Rudnick Wins Dismissal of Class Action Suit Against Atomic Wallet Over $100M Hack","type":"other","url":"https://brownrudnick.com/client_news/brown-rudnick-wins-dismissal-of-class-action-suit-against-atomic-wallet-over-100m-hack/"},{"credibility":2,"name":"Court Applies Established Personal Jurisdiction Principles to Dismiss Crypto Wallet Companies — Inside Class Actions","type":"news_article","url":"https://www.insideclassactions.com/2024/10/08/a-closer-look-court-applies-established-personal-jurisdiction-principles-to-dismiss-crypto-wallet-companies-in-class-action-filed-after-100-million-north-korean-crypto-hack/"},{"credibility":2,"name":"Colorado Federal Court Grants Motions to Dismiss — Consumer Financial Services Law Monitor","type":"news_article","url":"https://www.consumerfinancialserviceslawmonitor.com/2024/09/colorado-federal-court-grants-motions-to-dismiss-in-cryptocurrency-theft-case-citing-lack-of-personal-jurisdiction/"},{"credibility":2,"name":"Class Action Filed Over 2023 Atomic Wallet Data Breach — ClassAction.org","type":"news_article","url":"https://www.classaction.org/news/class-action-filed-over-2023-atomic-wallet-data-breach-in-which-100m-in-crypto-assets-was-stolen"},{"credibility":2,"name":"Atomic Wallet knew of security flaws prior to breach, class action claims — Top Class Actions","type":"news_article","url":"https://topclassactions.com/lawsuit-settlements/privacy/data-breach/atomic-wallet-knew-of-security-flaws-prior-to-breach-class-action-claims/"},{"credibility":1,"name":"Treasury Sanctions Mixer Used by the DPRK — U.S. Treasury","type":"regulatory","url":"https://home.treasury.gov/news/press-releases/jy1933"},{"credibility":2,"name":"Atomic Wallet hackers turn to OFAC-sanctioned Garantex — CoinTelegraph","type":"news_article","url":"https://cointelegraph.com/news/atomic-wallet-hackers-ofac-sanctioned-garantex-elliptic"},{"credibility":2,"name":"Atomic Wallet gives major update on hack but questions remain unanswered — CoinTelegraph","type":"news_article","url":"https://cointelegraph.com/news/atomic-wallet-hack-statement-exploit-unanswered-questions"},{"credibility":2,"name":"Atomic Wallet Hack: Overview And Ongoing Investigation — Hacken","type":"research","url":"https://hacken.io/discover/atomic-wallet-hack/"},{"credibility":2,"name":"Explained: The Atomic Wallet Hack (June 2023) — Halborn","type":"research","url":"https://www.halborn.com/blog/post/explained-the-atomic-wallet-hack-june-2023"},{"credibility":2,"name":"Inside North Korea's Crypto Heists: $200M in Crypto Stolen in 2023 — TRM Labs","type":"research","url":"https://www.trmlabs.com/resources/blog/inside-north-koreas-crypto-heists"},{"credibility":2,"name":"How the Lazarus Group is stepping up crypto hacks — Elliptic","type":"research","url":"https://www.elliptic.co/blog/how-the-lazarus-group-is-stepping-up-crypto-hacks-and-changing-its-tactics"},{"credibility":2,"name":"Atomic Wallet $35 Million Hack: Detailed Analysis — ImmuneBytes","type":"research","url":"https://immunebytes.com/blog/atomic-wallet-35-million-hack-detailed-analysis/"},{"credibility":2,"name":"Why is Atomic Wallet not open source? — Atomic Wallet Support","type":"official","url":"https://support.atomicwallet.io/article/184-why-is-atomic-wallet-not-open-source"},{"credibility":1,"name":"Atomic Protocol Systems Seeks Dismissal of Crypto Hack Suit — Bloomberg Law","type":"news_article","url":"https://news.bloomberglaw.com/privacy-and-data-security/atomic-protocol-systems-seeks-dismissal-of-crypto-hack-suit"}],"summary":"In June 2023, Atomic Wallet — an Estonian non-custodial cryptocurrency wallet with approximately five million users — suffered a major security breach in which attackers drained funds from an estimated 5,500 user wallets. Blockchain analytics firms Elliptic and on-chain investigators attributed the attack to North Korea's Lazarus Group with high confidence, and the FBI later confirmed this attribution. The total loss figure is disputed, with Elliptic placing it above $100 million and independent researcher Taylor Monahan estimating a minimum of $115 million; the underlying attack vector was never publicly confirmed by Atomic Wallet.","timeline":[{"date":"2021-04-01","event":"Least Authority delivers audit report to Atomic Wallet identifying critical vulnerabilities and recommending against deployment until resolved.","source":"CoinDesk / Least Authority disclosure","source_url":"https://www.coindesk.com/tech/2022/02/10/least-authority-discloses-security-risks-in-atomic-wallet"},{"date":"2021-11-01","event":"Atomic Wallet submits remediation commits; Least Authority finds a significant number of issues still unresolved.","source":"CoinDesk / Least Authority disclosure","source_url":"https://www.coindesk.com/tech/2022/02/10/least-authority-discloses-security-risks-in-atomic-wallet"},{"date":"2022-02-10","event":"Least Authority publicly discloses security concerns after further remediation attempts fail; strongly recommends against use of Atomic Wallet.","source":"CoinDesk","source_url":"https://www.coindesk.com/tech/2022/02/10/least-authority-discloses-security-risks-in-atomic-wallet"},{"date":"2022-04-01","event":"U.S. Treasury OFAC sanctions Garantex, the Russia-based exchange later used to launder Atomic Wallet hack proceeds.","source":"U.S. Treasury","source_url":"https://home.treasury.gov/news/press-releases/jy1933"},{"date":"2023-06-02","event":"Attackers begin draining funds from Atomic Wallet user accounts across multiple blockchains.","source":"FBI / Elliptic","source_url":"https://www.fbi.gov/news/press-releases/fbi-identifies-cryptocurrency-funds-stolen-by-dprk"},{"date":"2023-06-03","event":"Atomic Wallet publicly acknowledges reports of compromised wallets; states fewer than 1% (later revised to 0.1%) of users were affected; halts app downloads.","source":"Atomic Wallet Official Statement","source_url":"https://atomicwallet.io/blog/articles/june-3rd-event-statement"},{"date":"2023-06-06","event":"Elliptic attributes the breach to North Korea's Lazarus Group with high confidence, citing laundering methodology, use of Sinbad mixer, and fund co-mingling with prior Lazarus proceeds.","source":"Elliptic","source_url":"https://www.elliptic.co/blog/analysis/north-korea-s-lazarus-group-likely-responsible-for-35-million-atomic-crypto-theft"},{"date":"2023-06-13","event":"Elliptic revises total loss estimate upward to over $100 million affecting more than 5,000 wallets; reports stolen funds routed through OFAC-sanctioned Garantex.","source":"Elliptic / CoinDesk","source_url":"https://www.elliptic.co/blog/analysis/north-korea-linked-atomic-wallet-heist-tops-100-million"},{"date":"2023-06-13","event":"Elliptic reports hackers moved stolen funds through OFAC-sanctioned Russian exchange Garantex before routing to Sinbad.io mixer.","source":"CoinDesk","source_url":"https://www.coindesk.com/tech/2023/06/13/atomic-wallet-hackers-move-stolen-funds-via-ofac-sanctioned-exchange-garantex-elliptic"},{"date":"2023-07-11","event":"Independent researcher Taylor Monahan publicly states losses are a minimum of $115 million, exceeding the $100 million figure cited in legal filings, based on her own on-chain analysis.","source":"DL News","source_url":"https://www.dlnews.com/articles/defi/atomic-wallet-faces-lawsuit-following-north-korean-hack/"},{"date":"2023-07-01","event":"Class action lawsuit (Meany et al. v. Atomic Wallet et al., Case No. 1:23-cv-01582) filed in U.S. District Court for the District of Colorado against Atomic Protocol Systems OU, Evercode Infinite, and individual founders Gladych and Sokolov.","source":"ClassAction.org / CourtListener","source_url":"https://www.classaction.org/media/meany-et-al-v-atomic-wallet-et-al.pdf"},{"date":"2024-09-10","event":"U.S. District Judge Philip Brimmer dismisses the class action for lack of personal jurisdiction; denies plaintiffs' request to amend complaint.","source":"Brown Rudnick / Inside Class Actions","source_url":"https://brownrudnick.com/client_news/brown-rudnick-wins-dismissal-of-class-action-suit-against-atomic-wallet-over-100m-hack/"}]},"v":1}

   Verify offline (run on your own machine)

   python -m src.verify_decision 5cfcb237-dc19-4490-aca6-c32501d6416dcopy