Don’t fall victim to sub-par security.
On June 2nd, popular multi-coin storage app Atomic Wallet inadvertently pushed an update with malicious code to its users, allowing hackers to access private keys and over $100 million in user funds. It is currently believed that hackers took advantage of outdated code libraries to inject their code into the wallet.
The scale of this crime is shocking, but for many it does not come as a surprise. Atomic Wallet’s security model is deeply flawed.
But Atomic Wallet is self-custody. Doesn’t that mean it’s safe?
Storing your crypto on your own private keys is the best way to protect them, but what is protecting your private keys? Atomic Wallet, by its nature has two major security flaws:
Atomic Wallet is a hot wallet
With Atomic Wallet, your private keys are stored directly on your internet-connected device. Unlike competitors like Exodus and Metamask, there is no option to pair it with a hardware wallet, which would have protected users from this attack. With hot wallets, you’re just a double-click away from launching the wrong software and losing everything.
Atomic Wallet is closed-source
Without the ability for peer-review, errors in the code and poor security practices go unscrutinized by impartial 3rd parties. This wouldn’t have prevented Atomic from intentionally pushing a bad update, but it would have alerted the public to their use of outdated libraries, which could have been fixed before it was exploited.
Now that they’ve found the flaw, is Atomic Wallet safe to use?
No. Their security model remains unchanged. Avoid this wallet.
What about similar wallets?
Avoid both hot and closed-source wallets. If you are inclined to use similar wallets anyways, such as Exodus or Metamask, do not use them without a hardware wallet.
Keeping your keys off internet-connected devices keeps it out of the hands of hackers.
—
Here at BitcoinVN, we are dedicated to helping you on your path to self-sovereignty. We want you to hold your keys and take control of your finances. And we are here to assist you every step of the way.
Any more questions?
Get in touch with us – our team is offering Cybersec and custody consulting services to get you started off the right way.
