Hacken CEO Dmitry Budorin on Atomic Wallet Exploit
Dmitry Budorin, the CEO of cybersecurity auditor Hacken, has conducted a thorough analysis of the recent Atomic Wallet breach and identified several likely causes.
According to Budorin, these factors contributed to the security incident:
Insufficient entropy in key generation: The BIP39 mnemonic phrases used by Atomic Wallet may have been generated with a low level of randomness, making them susceptible to systematic brute-force attacks by hackers.
Fault attack on key-related algorithms: Hackers could have exploited vulnerabilities in the key-related algorithms used by Atomic Wallet to extract private keys from publicly accessible data, such as digital signatures.
Transfer of keys to a centralized server: It is possible that the wallet’s keys were unintentionally or intentionally transmitted to a centralized server, exposing them to potential risks.
Supply-chain attack: If the hackers gained access to the project’s infrastructure, they could have infected the Atomic Wallet applications. However, it is important to note that merely controlling the website would not be sufficient to compromise all users, as it would only impact those who used the desktop version or installed the Android APK from the website.
He warns that this incident may not be exclusive to Atomic Wallet, as only a small portion of users were affected. The primary cause remains unidentified.
While these attack vectors are theoretical and could not be fully confirmed in Hacken’s analysis due to limited access to the wallet’s source code, caution is advised. He suggests Atomic Wallet users consider transferring their assets to another wallet as a precautionary measure.
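The insufficient-entropy scenario above can be illustrated with an added example, which is not Atomic Wallet's or Hacken's code. It follows the BIP39 entropy-plus-checksum encoding; the 16-bit seed, the flawed generator and all function names are constructed assumptions used to show why the seed space, not the phrase length, bounds the number of possible wallets.

```python
import hashlib
import random
import secrets


def bip39_indices(entropy: bytes) -> list[int]:
    """Map BIP39 entropy to 11-bit wordlist indices (entropy || checksum)."""
    if len(entropy) not in (16, 20, 24, 28, 32):
        raise ValueError("BIP39 entropy must be 128-256 bits in 32-bit steps")
    ent_bits = len(entropy) * 8
    cs_bits = ent_bits // 32  # checksum length defined by BIP39
    checksum = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    value = (int.from_bytes(entropy, "big") << cs_bits) | checksum
    n_words = (ent_bits + cs_bits) // 11
    return [(value >> (11 * (n_words - 1 - i))) & 0x7FF for i in range(n_words)]


def weak_entropy(wallet_id: int) -> bytes:
    """Constructed flawed generator: 128 output bits stretched from a 16-bit seed."""
    seed = wallet_id & 0xFFFF  # assumption: only 16 bits of real randomness
    return random.Random(seed).getrandbits(128).to_bytes(16, "big")


def strong_entropy(_wallet_id: int) -> bytes:
    """128 bits from the operating system CSPRNG."""
    return secrets.token_bytes(16)


def count_distinct(generator, wallets: int) -> int:
    """Number of distinct 12-word mnemonics produced for `wallets` new wallets."""
    return len({tuple(bip39_indices(generator(i))) for i in range(wallets)})


if __name__ == "__main__":
    wallets = 100_000
    # Both phrases look like 12 random words; only the count reveals the flaw.
    print("weak generator, distinct mnemonics:  ", count_distinct(weak_entropy, wallets))
    print("CSPRNG generator, distinct mnemonics:", count_distinct(strong_entropy, wallets))
```

An audit of wallet key generation checks the same property at the source: the entropy passed to the mnemonic encoder must come from a cryptographically secure generator with the full 128 to 256 bits.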