Buy/Sell Crypto

A $170,000 flaw had been hiding in Trust Wallet since last November


Trust Wallet, Binance’s non-custodial cryptocurrency wallet, has revealed a security flaw in its Wallet Core software library from last November. Some wallets created directly from the browser extension between November 14 and November 23, 2022 are at risk. Funds were stolen, but a refund procedure was initiated by Trust Wallet.

https://cryptoast.fr/feed/

https://cryptoast.fr/faille-170-000-dollars-cachait-trust-wallet-depuis-mois-novembre-dernier/

Trust Wallet victim of a breach

Trust Wallet, the non-custodial wallet carried by Binance, has just revealed and fixed a WebAssembly (WASM) flaw from its Wallet Core software library. The fault in question would date from last Novemberbut no communication will have been made on this subject in order to mitigate the damage and not to encourage malicious actors to take advantage of it more.

The vulnerability would have been revealed to Trust Wallet teams by a security researcher via their reward program, which allegedly found the error directly in the open source code of Wallet Core.

According to the statement, only a few wallets created directly from the browser extension between November 14 and November 23, 2022 would be at risk. The flaw would now be fixed, and addresses created after this date do not run the slightest risk, according to Trust Wallet.

If you are a Trust Wallet user yourself, your funds are not at risk if :

You only use its mobile application; You have only imported addresses into the Trust Wallet browser extension (not created); You created a new wallet before November 14 or after November 23, 2022.

If you are ever affected by this security breach, a notification alerting you should be visible directly in your wallet.

👉 Find our tutorial to keep your cryptocurrencies safe

The best way to secure your cryptocurrencies 🔒

🔥 Up to $30 in Bitcoin offered!

Funds already stolen, but a refund is expected

According to Trust Wallet, the equivalent of 170,000 dollars has unfortunately already been stolen to some users through this flaw, and potentially $88,000 is still at risk in some wallets.

The users concerned – who therefore normally received a notification in their wallet – must have already received the refund procedure to follow. In the event that you think you are concerned or that you have observed abnormal movements of funds on your Trust Wallet portfolio, we invite you to read the documentation provided for this purpose.

Users who have funds still at risk, namely the $88,000 that has not yet been stolen, are asked to quickly transfer their funds to another wallet or any other means of storage.

Following this breach, Trust Wallet reported that the frequency of its audits had been multiplied by 5 in recent months to prevent such an error from occurring again.

The press release specifies that the flaw mentioned here has nothing to do with the mysterious wave of unsolved hacks we were telling you about earlier this week.

👉 In similar news – Hack: since December, mysterious cryptocurrency thefts affect users’ wallets

Discover ZenGo

$10 Bitcoin bonus from $200 deposit 🔥

Source: Press release

Newsletter 🍞

Receive a summary of crypto news every Monday by email 👌

What you need to know about affiliate links. This page presents assets, products or services relating to investments. Some links in this article are affiliated. This means that if you buy a product or register on a site from this article, our partner pays us a commission. This allows us to continue to offer you original and useful content. There is no impact on you and you can even get a bonus by using our links.

Investments in cryptocurrencies are risky. Cryptoast is not responsible for the quality of the products or services presented on this page and could not be held responsible, directly or indirectly, for any damage or loss caused following the use of a good or service highlighted in this article. Investments related to crypto-assets are risky by nature, readers should do their own research before taking any action and only invest within the limits of their financial capabilities. This article does not constitute investment advice.

AMF recommendations. There is no guaranteed high return, a product with high return potential involves high risk. This risk-taking must be in line with your project, your investment horizon and your ability to lose part of this savings. Do not invest if you are not ready to lose all or part of your capital.

To go further, read our Financial Situation, Media Transparency and Legal Notices pages.

Passionate about the world of decentralized finance and the novelties brought by Web 3.0, I write articles for Cryptoast to help make blockchain more accessible to everyone. Convinced that cryptocurrencies will change the future very soon.

Maximilien Prue

676 items



Source

Tags

Share this post:

Share on facebook
Share on twitter
Share on pinterest
Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *

Latest Posts

THE ONE AND ONLY WAY TO MAKE MONEY IN AUTOMATIC EASILY!

Receive the whole procedure to be able to follow our signals in less than 2 minutes.

Follow Us

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.

To access the VIP channel for free and enjoy the benefits of this exclusive channel, just follow these 3 steps:

1. Open a real account with one of our partner brokers necessarily through these links.

⚠️ Select Standard account

2. Make a deposit of at least €500 (€1000/2000 recommended) or more depending on your capital.

Double bonus as a gift! 🎁

        • 1st deposit: 50% bonus offered!
        • 2nd deposit: 20% bonus offered!

*The bonus will of course be added automatically after your deposit. ✅

3. Once done, you can send us the Screenshot of your deposit to support@signaltrading.cryptalite.com to receive the link of the VIP channel 🚀

(If you already have an account with these different brokers, you need to use another ID with another name + email).

Follow Us

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.