Will be interesting to know what the real cause is! Malicious update, malicious dependency or a (long hidden) exploit or even an inside job?
It could be all. A malicious update, by a maliciously altered dependency, which was maintained by some developer from the Atomic Wallet dev team. There's no evidence that supports otherwise, because there is nothing transparent in the first place.
People are advised to avoid them year in year out, but they are still dumb and lazy enough to secure their money.
I can't imagine you to be
that dumb. Unless it ain't their entire life savings (as some say), I can't justify being so confident with stuff you've no idea about. I just can't picture myself putting all my money (or most of it) in some shitcoin like XRP, significantly weaker in both centralization and security.