1. Home
  2. Crystal Blockchain

Crystal Blockchain

Atomic Wallet gives major update on hack but questions remain unanswered

The statement is the first major update from the wallet provider since the exploit in early June, but users are still in the dark about the actual cause.

Atomic Wallet users have been left wanting more answers, despite the decentralized wallet provider finally releasing a full "event statement" about the June exploit — which some estimate has run up to $100 million in losses.

In a June 20, blog post — the first major update from the firm since the June 3 exploit — Atomic Wallet claimed there have been no new confirmed cases after initial reports of the hack.

It has reiterated that “less than 0.1%” of app users were affected. Atomic Wallet has made the claim at least once before in a now-deleted June 5 tweet. The figure is still rebuffed by many online.

Atomic Wallet didn’t point to what exactly led to the exploit, only laying out the four most “probable” causes, including a virus on user devices, an infrastructure breach, a man-in-the-middle attack or malware code injection.

However, none of these scenarios “are confirmed as potentially causing massive breaches," said Atomic Wallet, while adding its “security infrastructure has been updated.”

Additionally, Atomic Wallet said an app update to boost security is being worked on, which is verified “by external auditors.”

However, questions have been swirling around certain aspects of the June 20 statement.

Former smart contract audit head at cybersecurity firm Hacken, Yevhenii Bezuhlyi, asked who the mentioned “external auditors” are and where users can find their statements.

Related: On-chain sleuth ZachXBT sued for libel after claiming plaintiff drained funds from project

Ouriel Ohayon, the CEO of rival wallet provider ZenGo asked why Atomic Wallet needed to update its security infrastructure and what happened for it to undertake such a measure.

Others highlighted the wide array of probabilities posed by the firm as evidence it was no closer to understanding how the exploit took place.

Atomic Wallet said it can see the laundering and mixing of user funds, most of which remain traceable. It's engaged the help of blockchain analytics firms Chainalysis and Crystal Blockchain. It said that the investigation is still ongoing.

Chainalysis told Cointelegraph it can't comment on its work or findings relating to Atomic Wallet.

Cointelegraph contacted Atomic Wallet for clarity on aspects of its statement. Crystal Blockchain was also contacted for comment on its findings related to Atomic Wallet.

Magazine: Tornado Cash 2.0 — The race to build safe and legal coin mixers

Microstrategy’s Bitcoin Yield Hits 3,177 BTC Last Week—Saylor Calls It a $300M ‘Gift to Shareholders’

Crystal Blockchain Study Reveals $16.7 Billion in Crypto Assets Stolen Since 2011

Crystal Blockchain Study Reveals .7 Billion in Crypto Assets Stolen Since 2011Crystal Blockchain, a company that provides blockchain data and analytics, published a study covering security breaches, fraud, and scams related to cryptocurrency and decentralized finance (defi). According to the study, approximately $16.7 billion in crypto assets have been stolen since 2011. Last year, Crystal’s intelligence team documented 199 incidents resulting in the theft of $4.17 […]

Microstrategy’s Bitcoin Yield Hits 3,177 BTC Last Week—Saylor Calls It a $300M ‘Gift to Shareholders’

Bittrex, Merkle Science, Bitgo Join Crypto Market Integrity Coalition

Bittrex, Merkle Science, Bitgo Join Crypto Market Integrity CoalitionFollowing the introduction of the Crypto Market Integrity Coalition (CMIC) with 17 member firms last February, the organization has added eight new members. New coalition recruits include Bittrex, Merkle Science, Crystal Blockchain and Bitgo. 8 Crypto Market Firms Join Crypto Market Integrity Coalition to Improve Self-Regulation Seven months ago, 17 crypto firms announced the formation […]

Microstrategy’s Bitcoin Yield Hits 3,177 BTC Last Week—Saylor Calls It a $300M ‘Gift to Shareholders’

Blockchain Intelligence Company Elliptic Raises $60 Million — Evolution Equity Partners, Softbank Bolster Series C

Blockchain Intelligence Company Elliptic Raises  Million — Evolution Equity Partners, Softbank Bolster Series COn Monday, the blockchain intelligence firm Elliptic announced the company has raised $60 million in a Series C financing round. Elliptic plans to leverage the capital to expand the team and “accelerate” blockchain research and development (R&D). Elliptic Raises $60 Million to Bolster Expansion There’s been a number of capital investments and finance injections directed […]

Microstrategy’s Bitcoin Yield Hits 3,177 BTC Last Week—Saylor Calls It a $300M ‘Gift to Shareholders’

Darknet Users Leverage a New Blockchain Analytics Tool That Scans for Ties to Criminal Activity

Darknet Users Leverage a New Blockchain Analytics Tool That Scans for Ties to Criminal ActivityAccording to the blockchain intelligence firm Elliptic, cybercriminals are leveraging cryptocurrency analytics to get ahead of law enforcement. Elliptic says a “blockchain analytics tool has been launched on the dark web” and the tool is called “Antinalysis.” Meet the Blockchain Analytics Tool ‘Antinalysis’ Hosted on Tor On August 13, the blockchain surveillance company Elliptic published […]

Microstrategy’s Bitcoin Yield Hits 3,177 BTC Last Week—Saylor Calls It a $300M ‘Gift to Shareholders’

Step by step: How crypto fraud and security breaches are investigated

What’s an exchange’s next move after falling victim to a security breach? This is a step-by-step guide to following a crypto thief’s tracks through analytics software.

It’s every exchange’s worst nightmare: Falling victim to a security breach. An incident can disrupt a trading platform’s operations for weeks, affect customer confidence and damage a carefully cultivated reputation — even causing crypto markets to fall in some cases.

Crypto companies have been ramping up their security measures in recent years, determined to ensure that malicious actors don’t get an opportunity to infiltrate their systems. This has prompted hackers, scammers and fraudsters to rely on more sophisticated techniques.

One crucial weapon has emerged that helps trading platforms take speedy action in the event that their infrastructure is compromised: Analytics software. But how do these companies go about their investigations whenever a breach is reported? What are the tools that can be relied upon to follow a thief’s tracks?

This is a step-by-step guide to investigating crypto fraud, security breaches and ransomware.

Hunting the hackers

Irrespective of whether cryptocurrencies are stolen through fraudulent activities or scams — with ransomware becoming an increasingly popular method for swindling victims — investigation techniques often follow a similar pattern.

The first step is to identify a criminal’s crypto address as soon as possible. This information can then be passed on to analytics software companies, which can immediately tag the address as high risk. Doing this quickly can ensure that the entity is easier to track. There can be times when there’s little information about an address hash, but this doesn’t mean that there’s a dead end. That’s because transaction and date filtering can be used instead.

Next, it’s a race against time to start tracking bad actors who may begin to obfuscate the funds that they have misappropriated. They may start sending transactions to other exchanges or use mixing services and darknet entities. Although this commonly happens immediately after crypto has been taken, it can sometimes take months or years for obfuscation to commence — when a criminal may think no one is looking. Analytics providers can offer transaction alerts to ensure that victims can be immediately notified when funds flow to or from an address.

These transaction alerts need to be acted upon as a matter of urgency, as work begins to follow the trail. A crucial step involves notifying exchanges that might end up receiving some of this crypto to ensure they are able to block stolen funds that flow into their accounts. Visualization tools can play a role in illustrating how misappropriated assets are distributed — and show the addresses that may be directly or indirectly connected to the criminal.

An investigation in action

Crystal Blockchain has shared an example of how investigations work in practice. The analytics software provider recently played an instrumental role in examining the aftermath of a hot wallet security breach that affected Eterbase in September 2020, which Cointelegraph reported on at the time.

Immediately after the theft took place, Eterbase sprang to action by publicly announcing the address that was used by the Bitcoin thief. This enabled Crystal to immediately tag this wallet as a high-risk entity.

Quickly, it became possible to piece together information about this address — including statistics on further transactions and connections. It soon emerged that this suspicious wallet had connections to 16 other addresses.

Through Crystal’s All Connections tool, it was revealed that this address had indeed received funds from Eterbase, as well as other exchanges, which had been sent on to a plethora of unnamed entities.

The company said it was able to look further than a one-hop distance — and include indirect connections in its results. From here, it was established that 80% of the total funds that were stolen had been sent to a mixing service.

Eterbase went live once again on Jan. 15 — with its team asking exchange users to stop using old crypto deposit addresses that belonged to their accounts. In an update at the end of January, the company said that an official investigation is still ongoing — and it stressed that affected users who are eligible for a refund will receive one as soon as possible.

Keeping track

Crystal Blockchain says crypto crime is growing in parallel with the crypto markets. The company recently released a map of security breaches and fraud within the digital assets sector over the past 10 years.

The interactive timeline tracks the number of incidents in every year since 2011, and also provides a total figure for the funds that were stolen. Its data suggests that $1.48 billion was taken across 28 incidents in 2020.

Users who visit this article can also use a spinning globe to find out the total volume of funds that have been stolen in countries around the world — with the hardest-hit nations colored in the darkest shade of red.

According to Crystal, the most common locations for exchange breaches include the U.S., the U.K., South Korea, Japan and China. The largest-ever crypto security breach remains the incident involving the Japanese exchange Coincheck in 2018, overtaking the Mt. Gox incident back in 2014.

Learn more about Crystal Blockchain

Disclaimer. Cointelegraph does not endorse any content or product on this page. While we aim at providing you all important information that we could obtain, readers should do their own research before taking any actions related to the company and carry full responsibility for their decisions, nor this article can be considered as an investment advice.

Microstrategy’s Bitcoin Yield Hits 3,177 BTC Last Week—Saylor Calls It a $300M ‘Gift to Shareholders’