Atomic Wallet developers are investigating reports of large-scale theft of cryptocurrency from users’ wallets, with over $35 million in crypto believed to have been stolen.

Atomic Wallet is a mobile and desktop crypto wallet allowing users to store various cryptocurrencies. The wallet is offered for several operating systems, including Windows, Android, iOS, macOS, and Linux.

On June 3, Atomic Wallet tweeted that they had received reports of compromised wallets and had begun investigating the issue.

“We have received reports of compromised wallets. We are doing everything we can to investigate and analyze the situation. As we get more information, we will share it accordingly,” Atomic Wallet tweeted.

A tweet posted today says they are now working with third-party security companies to investigate the incident and prevent the stolen funds from being sold on the exchanges.

“Update: Investigation is still ongoing as part of a joint effort with major security companies. The team is working on possible attack vectors,” the developers tweeted today.

“Nothing confirmed yet. Support team is collecting addresses of victims. Contacted major exchanges and blockchain analytics companies to trace and block stolen funds.”

The developers have since taken down their download server, “get.atomicwallet.io”, likely out of concern that their software has been hacked and to prevent the spread of further compromises.

blockchain detective ZachXBT collected stolen funds transactions from Atomic Wallet victims and says that over $35 million worth of crypto was stolen through this compromise.

“I just passed $14 million in stolen funds on my chart across Bitcoin, ETH, Tron, BSC, ADA, Ripple, Polkadot, Cosmos, Algo, Avax, XLM, LTC, and Doge,” ZachXBT explained.

The researcher later said that additional transactions pushed the amount stolen above $35 million.

According tay cryptographic security researchthe first transaction for the stolen Atomic Wallet assets took place on Friday, June 2 at 21:45 UTC.

A Crypto Theft Weekend

Atomic Wallet users began reporting Saturday morning on Twitter and the developer’s Telegram channel that cryptocurrency had been stolen from their Atomic Wallet wallets.

Atomic Wallet now collects information from victims, asking them what operating system they are using, where they downloaded the software, what was done before the crypto theft, and where the save phrase was stored.

Victims are also encouraged to submit this information, and more, on a Google Docs Form created to investigate the incident.

While some users are reporting that their crypto was stolen after a recent software update, others are reporting [1, 2, 3, 4] that they never updated and their crypto was always stolen.

At this time, it is unknown how the compromise took place, but users are advised to transfer their crypto assets to other wallets while the developers investigate the security incident.

BleepingComputer contacted Atomic Wallet with questions about the attack, but an answer was not immediately available.