Trust Wallet’s WASM Vulnerabilities: What Happened and What You Need to Know

On April 22nd, it was reported that Trust Wallet, a cryptocurrency wallet, released the “WASM vulnerabilities, event updates, and recommended measures” announcement, which stated that in November 2022, a security researcher reported a Web Assembly (WASM) vulnerability in the Wallet Core, an open-source library of TrustWallet, through a vulnerability reward program. The Trust Wallet Browser Extension uses WASM in the Wallet Core, and new wallet addresses generated by the Browser Extension between November 14 and 23, 2022 contain this vulnerability. TrustWallet quickly fixed the vulnerability, and all addresses created after these dates are secure. However, TrustWallet still detected two potential vulnerabilities, causing a total loss of approximately $170000 at the time of the attack. In response, Trust Wallet will compensate for eligible losses caused by hacker attacks caused by vulnerabilities and create a compensation process for affected users. In addition, Trust Wallet urges affected users to quickly transfer the remaining balance of approximately $88000 on all vulnerable addresses. Users who only use Trust Wallet mobile devices, import wallet addresses into browser extensions, or create a new wallet using browser extensions before November 14, 2023 or after November 23, 2022 are not affected by this vulnerability. If users receive warning notifications on the TW Browser Extension, they may be affected. Users with abnormal capital flows in late December 2022 and late March 2023 may be one of the few victims of these two exploit.

Trust Wallet: There is a vulnerability in the address used to create a new wallet from November 14th to 23rd last year, and a compensation process has been created for affected users

Cryptocurrency wallets have become an essential tool for many investors and traders. They provide a place to store digital assets and enable smooth transactions without the need for centralized institutions. However, the security vulnerabilities in wallets have led to several hacks and losses in the cryptocurrency space. Recently, Trust Wallet, a popular cryptocurrency wallet, released an announcement regarding the WASM vulnerabilities, event updates, and recommended measures. In this article, we will look at what happened and what you need to know.

Overview of Trust Wallet’s WASM Vulnerabilities

On April 22nd, 2023, Trust Wallet reported that it had discovered two potential vulnerabilities in its security. The vulnerabilities caused a total loss of approximately $170,000 when a hacker exploited them. The vulnerabilities were discovered after a security researcher reported a Web Assembly (WASM) vulnerability in the Wallet Core, an open-source library of TrustWallet that can be used to build cryptocurrency wallets.
Trust Wallet’s Browser Extension uses WASM in the Wallet Core, and new wallet addresses generated by the Browser Extension between November 14 and November 23, 2022 contain this vulnerability. TrustWallet quickly fixed the vulnerability, and all addresses created after these dates are secure. However, TrustWallet still detected two potential vulnerabilities, causing a total loss of approximately $170,000 at the time of the attack.

Recommended Measures

In response to the vulnerabilities, Trust Wallet has taken several measures. Firstly, Trust Wallet will compensate for eligible losses caused by hacker attacks. Secondly, Trust Wallet will create a compensation process for affected users. Thirdly, Trust Wallet urges affected users to quickly transfer the remaining balance of approximately $88,000 on all vulnerable addresses. Fourthly, Trust Wallet recommends that users only use Trust Wallet mobile devices, import wallet addresses into browser extensions, or create a new wallet using browser extensions before November 14, 2022, or after November 23, 2022, to avoid the vulnerability. Lastly, if users receive warning notifications on the TW Browser Extension, they may be affected. Users with abnormal capital flows in late December 2022 and late March 2023 may also be victims of the two exploits.

Compensation Process for Affected Users

Trust Wallet will compensate eligible users affected by the vulnerabilities starting on May 1st, 2023. The amount of compensation will be based on the loss caused by the security breach. The compensation process will be conducted in steps:
Step 1: Users need to report their losses to Trust Wallet.
Step 2: Trust Wallet will verify each claim and calculate the loss.
Step 3: Trust Wallet will transfer the compensation amount to the affected user’s Trust Wallet account.

Final Thoughts

Trust Wallet’s WASM vulnerabilities caused a lot of losses to users, but Trust Wallet has taken prompt actions to fix the problem and compensate eligible victims. Trust Wallet is urging affected users to transfer their remaining balance quickly to avoid any further losses. However, Trust Wallet has clarified that users who only use Trust Wallet mobile devices, import wallet addresses into browser extensions, or create a new wallet using browser extensions before November 14, 2022, or after November 23, 2022, are not affected by the vulnerability.

FAQs

1. What are the potential vulnerabilities that Trust Wallet detected?
– Trust Wallet detected two potential vulnerabilities that caused a total loss of approximately $170,000 at the time of the attack.
2. How did Trust Wallet fix the vulnerability?
– Trust Wallet quickly fixed the vulnerability and all addresses created after November 23, 2022, are secure.
3. Will Trust Wallet compensate for the losses caused by the hacker attack?
– Yes, Trust Wallet will compensate for eligible losses caused by hacker attacks.