WEB3

Trust Wallet Security Vulnerability Update: Receives Inquiries on November 2022 Attack

by BSCN

April 27, 2023

chain

Trustwallet advised affected customers to create a new wallet and transfer their funds, and its browser extension will notify users with vulnerable addresses.

Trust Wallet Prioritizes User Safety

Trust Wallet has received inquiries regarding the technical details of the November 2022 attack, according to recent reports on April 25.

Earlier, Trustwallet reported resolving the vulnerability in its Wallet Core discovered by a security researcher last November. Additionally, the crypto wallet provider said in its April 22 statement that the vulnerability-affected wallets were generated by its browser extension between Nov. 14 and 23, 2022. 

According to the company, it delayed this disclosure to lower the risk of immediate attacks and breaches. However, despite the delay, the vulnerability was exploited twice, and around $170,000 was lost. 

According to a postmortem report, there are approximately 500 vulnerable addresses left, with an $88,000 balance. The company advised customers affected by the issue to create a new wallet and transfer their funds. 

The Trust Wallet browser extension will notify users with vulnerable addresses. Binance wallet addresses that were affected were previously notified via the crypto exchange.

According to reports, this vulnerability didn’t affect Trust Wallet users on mobile apps or those who import their wallets into the browser extension. In addition, it does not affect anyone who created a new wallet address after Nov. 23, 2022, or before Nov. 14, 2022. 

Moreover, the crypto wallet provider said it is focused on securing the remaining $88k of the user's funds. 

Trust Wallet Developed a Compensation Plan

Trustwallet assured that it would refund impacted users’ stolen funds. Users would receive notifications via their browser extensions about reimbursements created by the firm.

The Trust Wallet company has outlined a detailed compensation roadmap for its hack victims. In order to accomplish this, the organization has instituted a user authentication procedure that all users must follow. 

Trustwallet also urged users to stay vigilant as scammers may see an opportunity to target the community after the recent WASM disclosure.

Since the beginning of the year, crypto exploits have ramped up, starting with an attack on Euler Finance in March. A number of Decentralized Finance (DeFi) protocols were exploited during the first two weeks of April, including Allbridge, Sentiment, Hundred Finance, and Yearn Finance. These attacks resulted in losses of more than $20 million, according to DeFillama data

What Is Trust Wallet:

Trust Wallet is a crypto application and wallet that allows access without registration. It is a decentralized wallet that gives users secure and exclusive control of their funds. Users’ personal information and data are not stored, forming another protection layer. The product’s aims are described as being vested in making cryptocurrencies easily accessible globally.

Trust Wallet allows users easy access to Decentralized Exchanges (DEXes) like UniSwap, PancakeSwap, and ApeSwap, among others. Users can download the application on iOS, Android, and Google Play and begin using it easily.

Where to find Trust Wallet:

Website | Twitter | GitHub | Telegram

;