Atomic Wallet Offers $1 Million Bug Bounty Amid Security Lawsuit

Amid an ongoing class-action lawsuit related to a $100-million hack in June, the developer of Atomic Wallet has launched a $1-million bug bounty program aimed at identifying security flaws in its wallet software.

In an announcement on December 18, the development team invited ethical hackers and security experts globally to scrutinize the open-source code for potential vulnerabilities.

White hat hackers who discover the most severe vulnerabilities, defined as those allowing an over-the-internet attack without physical access, installed malware, or social engineering, stand to earn $100,000 under the program.

The bug bounty program is designed to enhance the security of the wallet and minimize the risk of future cyber threats.

The bounty program also offers compensation ranging from $500 to $10,000 for hackers who identify bugs or flaws not meeting the criteria of the most serious vulnerabilities.

The reward depends on the severity of the vulnerability, with $5,000 allocated for a “high-risk” discovery and $10,000 for a “critical-risk” one.

The total bounty pool for all discoveries is set at $1 million.

Harnessing the ‘expertise of the global community’

Konstantin Gladych, founder of Atomic Wallet, expressed confidence in the bug bounty program’s ability to harness global expertise and creativity to bolster cybersecurity.

“Recent events in the blockchain industry have once again reminded us that cybersecurity is a dynamic field, and the best way to stay ahead is by harnessing the creativity and expertise of the global community,” he said.

$100 million hacking incident

Atomic Wallet in June this year suffered a $100 million hacking incident.

About 5,500 users of the non-custodial cryptocurrency wallet were affected by the hack which has been linked to the North Korean Lazarus Group.

Two months later, the incident led victims to launch a class action lawsuit against Atomic Wallet for compensation.

According to reports at the time, the claims rest on the company’s inaction to share proper information about the incident with users, and the failure to provide law enforcement with the same information.

While Atomic Wallet previously has acknowledged reports of lost funds from the cybersecurity attack, the company has claimed that only 0.1% of users were affected by it.