Last month, one of the largest digital currency wallet hacks in recent times saw Atomic Wallet users lose as much as $100 million. The notorious North Korean Lazarus Group is thought to have been behind the attack.
Now, Atomic Wallet users have filed a class action lawsuit for $100 million against Atomic Wallet and its owner, Konstantin Gladych. The suit accuses both of “negligent and unlawful conduct,” alleging that they have known about a critical security vulnerability since early 2022.
After the June 3rd attack, initial reports suggested $35 million in digital currencies had been stolen. Since then, revised figures by security firm Elliptic put the heist closer to $100 million.
Is there any truth to the idea that Atomic Wallet sat on knowledge of a critical security vulnerability? It appears so. In early 2022, security firm Least Authority alerted the company to such a vulnerability. In a now-deleted blog post, the firm advised Atomic to “immediately notify users of existing security vulnerabilities.”
A thread of misc. interesting things related to the Atomic Wallet hack, Lazarus, and especially what sprawling hacks look like on-chain.
(this thread is gunna get into the weeds. i suggest the other thread if you want something shallow and easy-to-digest ????) https://t.co/eBN8IycaHJ
— Tay ???? (@tayvano_) June 14, 2023
Opinion: No, you shouldn’t be your own bank
“Be your own bank” is an oft-repeated mantra in the digital currency industry, encouraging users to take custody of their assets. This notion is especially prevalent among BTC maximalists and has taken on a new lease of life ever since the U.S. Securities and Exchange Commission (SEC) sued Binance and Coinbase (NASDAQ: COIN).
However, the truth is that nowhere is safe in the digital currency ecosystem. As the Atomic Wallet hack and endless others like it show, even leading companies in the industry are vulnerable to hacks and attacks, and when they succumb to them, the “code is law” mantra goes out the window, and everybody lawyers up immediately.
While it may be possible for Atomic Wallet users to recover some of their losses by suing the company and its CEO, the legal process will inevitably be messy and will take years to play out. How long could it take? Victims of the 2014 Mt. Gox hack are only now beginning to see the light at the end of the tunnel. Unfortunately, there will be no easy path to recovery for the victims in this case, and the same CEOs who preach “Be your own bank” and “Not your keys, not your coins” will spend years and tens of millions fighting any attempt at restitution every step of the way.
What should users do? The best advice is to not hold digital currencies in large amounts at all. All other than the most technically competent users should return to the original vision for Bitcoin, acquire and spend coins for business purposes such as making payments, and get them off their hands as quickly as possible. Unlike the digital currency exchanges and wallets, the banks they vilify have guaranteed deposit insurance up to $250K per customer, and banks continue to be the safest place to keep your hard-earned money.
Is it possible to recover digital assets?
That’s a question many Atomic Wallet users will be asking right now, and the answer is yes, it’s technically possible. Dr. Craig Wright, often painted as a villain by the crypto industry, is in the process of proving that digital assets can be recovered via legal order. Dr. Wright is suing BTC Core developers on the premise that they have legal duties to network users. His efforts recently received high praise from the U.K. Law Commission.
While there is still much legal wrangling ahead, this landmark lawsuit establishes that holders of digital tokens have property rights. Once this is recognized in court, Bitcoin and other blockchain node operators will have no choice but to comply with legal notices ordering them to reassign coins to their rightful owners. They may protest and say such things go against the spirit of “crypto,” but in the end, they will abide or face legal consequences.
While all of this has yet to play out, and the first digital asset recovery has yet to be demonstrated, victims of future hacks and heists will have a path to recover their assets if Dr. Wright is successful. For this reason and many others, we should all be hoping that one of the key concepts parroted in the cryptocurrency industry is exposed for the lie it has always been; users do have property rights, and no cypherpunk, crypto-anarchist, or North Korean hacker can change that.
Watch: Digital Asset Recovery on Bitcoin Explained
New to Bitcoin? Check out CoinGeek’s Bitcoin for Beginners section, the ultimate resource guide to learn more about Bitcoin—as originally envisioned by Satoshi Nakamoto—and blockchain.