A recent incident involved a vulnerability found in the WebAssembly feature (WASM) of Trust Wallet.
App vulnerability discovered
A security researcher discovered the vulnerability and immediately alerted Trust Wallet. Upon investigation, Trust Wallet’s team discovered that the vulnerability may allow attackers to execute malicious code directly on the devices of users. The team took immediate action to mitigate the risks and released a security update for the app.
Whilst the vulnerability, which was first reported in November 2022, has been patched, and all addresses that were created after this date are safe, Trust Wallet reports that two exploits managed to steal the value of $170,000 USD.
The Trust Wallet team has assured all users that anyone affected will be reimbursed from any losses. A process has been created to this effect, and affected users have been asked to move the balances on any vulnerable address as soon as possible.
Trust Wallet urges user precautions
As per a recent announcement by the Trust Wallet team, users of the wallet are advised to update to the latest app version. They should also be wary of any suspicious or unexpected emails, messages or links that are related to their Trust Wallet account.
The Trust Wallet team also urged its users to adhere to basic security measures, including updating their apps and devices, creating strong passwords and enabling 2-factor authentication (2FA).
Users of Trust Wallet should also avoid disclosing sensitive information such as recovery phrases or private keys to anyone. Downloading the Trust Wallet App from trusted sources is important, including the official Trust Wallet Website or app store.
The Trust Wallet team assures users that there have been no losses or thefts as a result. They are still investigating the vulnerability, and working on implementing additional security measures in order to prevent future incidents.
The Trust Wallet team affirms that it is committed to the safety of its users’ information and assets, and although incidents such as these can be alarming, it’s important that users stay vigilant and adhere to basic security practices in order to protect their personal information and assets.
Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.
Source: https://cryptodaily.co.uk/2023/04/trust-wallet-vulnerability-led-to-170-000-exploit