This week it emerged that the decentralized Atomic Wallet software was hacked, and millions were stolen as a result. This is significant for many reasons, the primary one being that the keys were taken from many individual users’ private devices, not from a centralized platform, which is how crypto theft has traditionally occurred. It is understood that the exploit was delivered via a software update tainted with malicious code.
One thing this situation illustrates is the risk of closed source software.
Open Source Software in Crypto Security
To most outside the industry, it’s difficult to understand why a software maker would allow its intellectual property to be freely used by anyone. The arguments in favor of open sourcing software are complex and multifaceted, but here’s a quick and simple one relevant to the Atomic Wallet hack: an open code base and its updates can be independently reviewed by outside experts and individual users to ensure they are secure, legitimate and consistent with the updates being pushed to everyone else.
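One way an outside reviewer can check that a delivered update is consistent with the public source, shown as an added example that is not code from Atomic Wallet or from this article. It assumes the wallet's build is reproducible (the same source yields a bit-identical binary); the rebuilder names, the quorum of two and the sample byte strings are constructed for illustration.

```python
import hashlib
from collections import Counter

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def check_update(delivered: bytes, rebuilder_digests: dict, quorum: int = 2) -> dict:
    """Compare the binary an updater delivered with digests that independent
    parties obtained by rebuilding the published source. Assumption: the
    build is reproducible, so honest rebuilds agree byte for byte."""
    delivered_digest = sha256_hex(delivered)
    ranked = Counter(d.lower() for d in rebuilder_digests.values()).most_common(2)
    top_digest, top_votes = ranked[0] if ranked else (None, 0)
    tied = len(ranked) == 2 and ranked[1][1] == top_votes
    if top_votes < quorum or tied:
        verdict = "no-quorum"   # too little independent agreement to judge
    elif delivered_digest == top_digest:
        verdict = "match"       # delivered binary is what the source produces
    else:
        verdict = "mismatch"    # delivered binary differs from the public source
    dissenting = sorted(n for n, d in rebuilder_digests.items()
                        if d.lower() != top_digest)
    return {
        "verdict": verdict,
        "delivered": delivered_digest,
        "expected": None if verdict == "no-quorum" else top_digest,
        "dissenting": dissenting,   # rebuilders that disagree with the majority
    }

# Constructed sample data: stand-ins for real release binaries.
SOURCE_BUILD = b"example-wallet update built from tagged public source (constructed)"
TAMPERED_BUILD = SOURCE_BUILD + b" plus bytes not present in the source (constructed)"
REBUILDERS = {  # hypothetical independent rebuilders and their reported digests
    "rebuilder-a": sha256_hex(SOURCE_BUILD),
    "rebuilder-b": sha256_hex(SOURCE_BUILD).upper(),  # case differences are normalized
    "rebuilder-c": sha256_hex(SOURCE_BUILD),
}

if __name__ == "__main__":
    for label, blob in (("clean", SOURCE_BUILD), ("tampered", TAMPERED_BUILD)):
        print(label, check_update(blob, REBUILDERS)["verdict"])
```

With closed source software there is nothing for the rebuilders to build from, so the only available result is the equivalent of "no-quorum".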
Mitigate the Risk of Supply Chain Attacks
A current theory (hat tip to ZachXBT and Tay for their work in this process) is that an outside hacker with access to Atomic Wallet’s uncompiled source code—early indications hint at North Korea’s Lazarus Group—secretly added malicious instructions that sent them users’ private keys or seed phrases.
Prior to its detection, the attackers managed to move assets worth over $35 million.
This general method is referred to as a supply chain attack, which means that instead of attacking the software directly, malicious code is added during one of the many stages of the software development process, be it the coding, QA, distribution, or update phases.
Supply chain attacks are particularly effective because they bypass traditional security measures and exploit the trust placed in the software supply chain. In closed source projects, that trust must be absolute, since users possess no check on the final product.
Understanding the Consequences of a Lack of Internal Controls
An attacker having access to the Atomic Wallet source code is one thing. What’s more significant is that the attackers were also able to hijack the company’s mechanisms for compiling and distributing updates. Such a level of access could only come from an insider and so, if North Korea was responsible, it tells us that an Atomic Wallet insider’s credentials were compromised, which suggests a concerning lack of effective internal controls.
Traditionally, an argument in favor of Atomic Wallet’s decentralized self-custody exchange approach—as opposed to a centralized custodian exchange approach, for example—is that the centralized exchange is a much more attractive prize, given the billions it may custody. The effort required to access a software wallet by breaking into a single device isn’t justified by the comparatively modest reward, or so the thinking went. Of course, a supply chain attack potentially compromises all users and makes the reward worth the effort.
Eventually we’ll know exactly how the Atomic Wallet hack transpired, and this will help the industry prevent a recurrence. For now, here are some steps you can take to safeguard your crypto.
Protect Your Crypto With These Strategies
If you prefer to entrust your keys to a third-party custodial platform, first determine whether or not it carries crypto insurance protecting customers’ keys against loss by outside attack, insider theft and tech failure (nota bene: Evertas provides real crypto insurance 😎). This will protect your assets in the event of a loss.
Self-Custody Hardware Wallets
If you prefer self-custody, a good hardware wallet is safer than a software wallet, in that it’s safe from local machine compromise and likely has a better supply chain process. But even hardware wallets are not without their own risks, including malicious updates. Individual hardware wallet makers may offer guarantees against malfunction, but in a self-custody setting they are generally not insurable, unlike some custodial platform wallets.
Open-Source Software Wallets
If you prefer a software wallet, choose open source options and ideally those with third-party hardware wallet support. These offer the improved user experience of a connected device wallet with the advantages of secure key management and transaction approval. In case you were wondering, Atomic Wallet does not offer this option.
Wallet Hygiene is Key
Finally, when self-custodying, never store high value keys or seed phrases in low trust wallets. If you need a transactional wallet for on-chain transfers, keep it segregated from those used for storage.
News of crypto being recovered from this hack is slowly trickling in and, though it is unlikely, we hope all Atomic Wallet users who suffered a loss are eventually made whole. What’s more certain is that the Web3 space needs to improve standards for closed source software supply chain management and updates. And because the software wallet hack concept has been proven, there are certain to be more attempts by sophisticated actors. This means more resources must now be dedicated to securing this attractive new target.