Atomic Wallet, a Web3 wallet, was previously attacked with damages exceeding 100 million USD and was banned from operating by the Securities Commission of Malaysia (SC) due to lack of registration.
On December 23, the Securities Commission of Malaysia (SC) officially added Atomic Wallet, a Web3 wallet service provider, to the list of banned financial companies operating in the country. The decision was announced on the SC's website and relates to Atomic Wallet operating a digital asset exchange (DAX) without a registered operating license. This incident occurred against a backdrop of increasing cryptocurrency attacks, with total damages reaching 2.2 billion USD in 2024.
Atomic Wallet, self-described as a secure, decentralized, and anonymous cryptocurrency wallet, allows users to store, stake, and swap over 100 types of digital assets. However, the company has faced numerous legal and cybersecurity issues.
In 2023, Atomic Wallet was the victim of a large-scale cyberattack, resulting in estimated damages of over 100 million USD. This incident led to multiple lawsuits from users, although a class action lawsuit in the U.S. was dismissed due to jurisdiction issues.
According to Elliptic, a blockchain analytics company, the North Korean hacker group Lazarus is believed to be behind the attack, with the stolen funds being transferred to the Huione Pay exchange in Cambodia.
Enhancing cryptocurrency security oversight
The SC's ban on Atomic Wallet's operations in Malaysia demonstrates the agency's efforts to enhance regulation and oversight in the cryptocurrency market, protecting investors from potential risks. Atomic Wallet is not the first company to be blacklisted by the SC.
Previously, Crypto Trade Malaysia and Best Exchange were also banned from operating due to similar violations. This decision reflects a global trend to tighten regulations on cryptocurrency-related activities, especially after the increase in scams and cyberattacks.
According to Chainalysis, a blockchain data analytics company, total damages from scams, attacks, and cryptocurrency mining increased by 21% in 2024, reaching 2.2 billion USD from 1.8 billion USD in 2023. The number of incidents also rose from 282 to 303. Notably, breaches of private keys of Web3 wallets accounted for the largest share of cryptocurrency losses in 2024, at 43.8%.
Centralized exchanges have also become popular targets for attacks. Jean Rausis, a cybersecurity expert and co-founder of the DeFi ecosystem SmarDex, noted that 2024 witnessed a significant shift in cryptocurrency attacks, as centralized entities became more prominent targets.
In this context, Atomic Wallet launched a 1 million USD bug bounty program in December 2023 to improve the security of its wallet software. However, this move seems insufficient to convince the SC of the company's compliance capability.