Trust Wallet Warns Of WASM Vulnerabilities And Offers Compensation For Victims

On April 22nd, it was reported that Trust Wallet, a cryptocurrency wallet, released the “WASM vulnerabilities, event updates, and recommended measures” announcement, which stated that in November 2022, a security researcher reported a Web Assembly (WASM) vulnerability in the Wallet Core, an open-source library of TrustWallet, through a vulnerability reward program. The Trust Wallet Browser Extension uses WASM in the Wallet Core, and new wallet addresses generated by the Browser Extension between November 14 and 23, 2022 contain this vulnerability. TrustWallet quickly fixed the vulnerability, and all addresses created after these dates are secure. However, TrustWallet still detected two potential vulnerabilities, causing a total loss of approximately $170000 at the time of the attack. In response, Trust Wallet will compensate for eligible losses caused by hacker attacks caused by vulnerabilities and create a compensation process for affected users. In addition, Trust Wallet urges affected users to quickly transfer the remaining balance of approximately $88000 on all vulnerable addresses. Users who only use Trust Wallet mobile devices, import wallet addresses into browser extensions, or create a new wallet using browser extensions before November 14, 2023 or after November 23, 2022 are not affected by this vulnerability. If users receive warning notifications on the TW Browser Extension, they may be affected. Users with abnormal capital flows in late December 2022 and late March 2023 may be one of the few victims of these two exploit.

Trust Wallet: There is a vulnerability in the address used to create a new wallet from November 14th to 23rd last year, and a compensation process has been created for affected users

Cryptocurrency wallets are an essential tool for managing cryptocurrencies securely. Many wallets have built-in protections and have been audited by security experts to ensure that they are not susceptible to hacking attempts. However, nothing is entirely impenetrable, and even the most trustworthy cryptocurrency wallets can have vulnerabilities. This is precisely what happened with Trust Wallet, a popular cryptocurrency wallet that recently discovered a Web Assembly (WASM) vulnerability that resulted in significant losses for its users.

The WASM Vulnerability In Trust Wallet

On April 22nd, 2023, Trust Wallet released a statement titled “WASM vulnerabilities, event updates, and recommended measures.” The announcement revealed that a security researcher had discovered a WASM vulnerability in Wallet Core, which is the open-source library of TrustWallet. The Wallet Core is used in the Trust Wallet browser extension, and it was found that new wallet addresses generated by the browser extension between November 14th and 23rd, 2022 contained the vulnerability.
TrustWallet acted swiftly and resolved the vulnerability, fixing the issue and ensuring that all addresses created after November 23rd are secure. Unfortunately, Trust Wallet detected two potential vulnerabilities that caused a total loss of approximately $170,000 during the attack. As a result, TrustWallet has offered compensation for the eligible losses caused by hacker attacks that exploited vulnerabilities and created a process for affected users.

Compensation Process

Trust Wallet is urging affected users to transfer the remaining balance of approximately $88,000 on all vulnerable addresses as soon as possible. Users are advised to only use Trust Wallet mobile devices or import wallet addresses into browser extensions that were created before November 14th, 2023, or after November 23rd, 2022. Users who only create a new wallet using browser extensions after November 23rd, 2022, are not affected by the vulnerability.
TrustWallet has promised to compensate victims of the vulnerability, and the process is currently ongoing. Eligible users are encouraged to contact TrustWallet to begin the compensation process. TrustWallet has also issued a warning notification on the TW Browser Extension, alerting affected users of the vulnerability. Users who experience abnormal capital flows in late December 2022 and late March 2023 are likely to be among the victims of the two exploits.

Recommended Measures

TrustWallet is taking steps to improve its security measures to prevent similar incidents from occurring again. In the statement, TrustWallet recommends users who use the TrustWallet browser extension to update their wallet software immediately. Additionally, TrustWallet advises users to use two-factor authentication (2FA) to protect against future hacking attempts. As with all cryptocurrency wallets, TrustWallet advises users to take precautions to protect their private keys, such as using a hardware wallet that is not connected to the internet.

Conclusion

The Trust Wallet WASM vulnerabilities highlight the need for robust security measures in cryptocurrency wallets. Even though the vulnerabilities have been fixed, the incident underscores the importance of taking all necessary precautions when using cryptocurrency wallets. TrustWallet has acted quickly and has promised compensation to victims of the hack. If you think that you may be affected, it is vital to act fast and contact TrustWallet to begin the compensation process.

FAQs:

1. How did Trust Wallet discover the vulnerability?
Trust Wallet discovered the vulnerability through a security researcher who reported it in November 2022 via the vulnerability reward program.
2. How much was lost due to the vulnerability?
According to Trust Wallet, approximately $170,000 was lost during the attack.
3. How can users protect themselves from similar vulnerabilities?
Trust Wallet recommends updating the wallet software, using two-factor authentication (2FA), and taking precautions to protect private keys, such as using a hardware wallet that is not connected to the internet.
#